CACI International Senior Cyber Technical Intel Analyst in Linthicum, Maryland
Senior Cyber Technical Intel Analyst
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
Senior Cybersecurity Intelligence Analyst for the DoD/Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE). The successful candidate will author strategic and tactical cyber threat reports that detail threats to the Defense Industrial Base for DIB and US Government partner consumption. Candidates should have a strong background tracking Advanced Persistent Threat (APT) activity and associated Tactics, Techniques and Procedures (TTPs) that threaten data and information systems. Products ultimately contribute to network defense and cyber threat awareness.
18-22 years of professional experience without a degree; or 10-14 years of professional experience with a Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education; or 8-12 years of professional experience with a related Master's degree; or 4 years of professional experience required with a related PhD or JD. Considered an emerging authority / authority in discipline. Consideration should always be given for the level of specific domain expertise.
• Minimum of five years of experience tracking and profiling APT groups
• Comprehensive understanding of APT TTPs and indicators of compromise (IOC)
• A working understanding of cyber threat intelligence platforms to collect and correlate cyber threat information
• Deep understanding of operating systems: file structures, processes, services, and application execution
• Understanding of malware functionality and of static and dynamic analysis, the ability to identify IOCs and attributes, and an understanding of signatures
• Experience writing detailed threat reports, based on own analytic initiative and using multi-source intelligence and narrative analysis, which lead to a supported conclusion
• Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model and MITRE ATT&CK
• Experience performing focused research and analysis to write complete, accurate, relevant and timely cyber threat intelligence reports to support network defense
• Ability to create and present compelling briefings to relay relevant cyber threat information to technical and non-technical audiences
• Flexibility to adapt to changing priorities and tight timelines
• Experience with basic usage of scripting languages such as Python, PowerShell, and Bash for automation and data analysis
MUST HAVE ACTIVE SECRET CLEARANCE
• Two to four years SOC experience
• Several years of IC experience
• Expertise with VirusTotal Intelligence, DomainTools Iris
• Industry certifications: CEH, GCTI, GOSI, OSCP, GCED, GDAT, GDSA, GRID, GEVA, GPEN, GXPN
• Ability to develop YARA or Snort signatures
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.