Sr Vulnerability Analyst

Blue Team Analyst

Requirements

Security Clearance

Active DoD Secret Clearance

Responsibilities
  • Leading enterprise efforts on risk assessment, detailed technical recommendations and coordination of remediation and mitigation strategies.
  • Preparing reports and conducting briefings for senior leadership related to routine and high-profile vulnerability analysis.
  • Developing and performing high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, policy compliance and vulnerability analysis of the overall enterprise security posture.
  • Communicating recommendations to the responsible parties, and engaging in both tracking and verification of their remediation efforts.
  • Continually analyzing available security information, including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information, threat reporting, OIG reporting, and other intelligence information to update and assess the status of an organization’s cyber security posture.
  • Assisting in the analysis, selection, implementation, and/or development of enterprise security tools.
  • Interfacing with vendor support teams to keep abreast of developments within products currently in use.
  • Documenting team processes for use in internal Standard Operating Procedures (SOPs), and other on-the-shelf documentation of processes for future team reference.
  • Building working relationships to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements.
  • Both formulating new and adjusting existing information security metrics for the purpose of analysis and greater enterprise security posture awareness.
  • Consultation and support to other parties concerning Computer Network Defense (CND), often on an ad hoc basis, as necessary for the mission
Required Qualifications
  • Bachelor’s Degree or equivalent years of experience in a relevant field (e.g. Cybersecurity, Information Technology, or Computer Science).
  • Minimum five (5) years of experience in information security, information technology, or related field.
  • Proficiency in traditional Blue Team or Red Team network security activities.
  • Experience developing goals, processes and a methodology for effective cyber security assessments.
  • Experience performing manual and automated analysis of systems and networks to identify, assess, and mitigate vulnerabilities to strengthen organizational security posture.
  • Experience performing risk assessments by correlating known vulnerabilities, understanding of the threat environment, and prioritization to mitigate risk to network assets.
  • Effective written and verbal communications skills to prepare and present security assessment results to stakeholders, and to further build relationships with them.
  • Proficiency in Splunk, Tanium, and other enterprise-level data analytics tools.
  • Experience with Windows Desktop, Windows Server and Linux operating systems and system administration – specifically with regard to patching and compliance.
  • Experience with networking hardware (routers, switches, firewalls) and configurations – specifically with regard to patching and compliance.
  • A solid understanding of core networking concepts such as DMZs, subnets, VLANs, private IP addressing and NAT.
Desired Qualifications
  • Security+ and/or Network+ certification.
  • Certified Ethical Hacker certification.
  • Certified Information Security Systems Professional (CISSP) certification.
  • 2+ years of experience/familiarity with NIST Special Publication 800-53 and CVE (Common Vulnerabilities and Exposures) standards.
  • Experience with project management to ensure stakeholders remain on schedule with patching and policy compliance to improve overall network security posture.
  • Experience in developing and leading remediation/mitigation activities, and building strategies, status updates, and reports on those activities.


    Sr. Cloud Cybersecurity Engineer

    Requirements

    Job Description

    Provide technical subject matter expertise for a small team focused on adopting an array of Cloud-based technologies and services. The engineer should be looking to apply their experience with AWS, Azure, Google and other IaaS, PaaS, SaaS technology and services to assist in solving the technical challenges faced by our customers. The team evaluates new solutions to ensure that they are designed, engineered, and deployed to meet the security objectives in mission-focused environments.

    The Cloud Cybersecurity Engineer will be responsible for evaluating designs and helping to engineer cloud-based solutions for customers in their transition to Cloud and hybrid infrastructure. The individual will assess and support the integration of new security features (CSP security tools, CASB, etc.) into existing infrastructures, provide gap analysis of cybersecurity features, and relate the existing system to future needs and trends. Working closely with project leads, the Cloud Cybersecurity Engineer will provide engineering recommendations that align technical and security capabilities that support business needs. The individual will also evaluate proposed cloud infrastructure changes to ensure security protections remain effective.

    As part of a small team, the Cloud Cybersecurity Engineer will focus on providing Cloud expertise on methodical architecture evaluation, networking and firewall rule evaluation, and intrusion detection and prevention sensor (IDPS) deployment in cloud environments that enable continuous monitoring.

    As a key contributor to a large program, the Cloud Cybersecurity Engineer must be able to support specific projects and other team members with projects, from inception through full implementation. They must share responsibility and information with peers to facilitate open communication and the successful implementation of projects.

    Daily Responsibilities
    • Work with customer to engage project managers in understanding security requirements and best practices;
    • Evaluate proposed Cloud architecture and protection changes to evaluate potential risks and determine effectiveness;
    • Research emerging Cloud and security technologies, policies, and best practices; apply to wide array of customer needs;
    • Maintain awareness of current threats in support of security solution development efforts;
    • Work across Cloud technology teams to enhance/reinforce security in Cloud infrastructure efforts and behaviors;
    • Provide briefings and written recommendations to senior leadership on major new technologies, issues, and changes that impact cyber risks;
    • Provide technical expertise, working independently and with team members, to ensure maximum cybersecurity protections;
    • Prepare and provide written and verbal recommendations for mitigating cyber risks across a wide array of technologies, including Cloud;
    • Document the standard operating procedures for supporting each capability and recovering from any system degradation;
    • Provide technical expertise to meet current and future security design, as well as architecture requirements for IaaS, PaaS, and SaaS implementations;
    • Collaborate with fellow team members and various stakeholders, sharing information and knowledge to establish and maintain a productive line of communication.
    Required Qualifications
    • Bachelor’s Degree in relevant field
    • Minimum five (5) years of experience in enterprise systems lifecycle management, structured system development methodologies (preferably Information Engineering with a focus on cloud technology), structured analysis, and/or information systems development or a relevant technical discipline
    • Three (3) years of experience engineering/administering cloud solutions for IaaS, PaaS and SaaS
    • Demonstrated experience working with network routing, virtual private networks (VPN), software defined networking (SDN), and Public Key Infrastructure (PKI)
    • Proficiency in network protocol analysis, firewall, cryptographic standards and related technical protection rule analysis for both cloud and hybrid infrastructure.
    • Strong understanding of network security monitoring principles, including IDS placement, both Cloud-based and on premise, supporting a hybrid infrastructure (host and network based)
    Desired Qualifications
    • MS in related field
    • Experience with the implementation and support of advanced Identity and Access Management solutions, including directory services, PIV, single-sign on, authentication services, privileged access management, and federation (OAuth, OpenID, SAML, etc.)
    • Experience in Linux/Unix, shell scripting
    • Experience in PowerShell
    • Experience with container technologies
    • Desired Certifications: CISSP, CCSP, ISSAP, ISSEP, CCNP, RHCE, CEH, AWS, Azure


      Sr. Cloud Pen-Tester

      Requirements

      Project Overview

      Provides Cloud Penetration testing and Vulnerability Analysis support to a cabinet level federal agency. Contributes to a team of information assurance professionals working to improve the clients’ technical security posture. Duties include planning and conducting penetration tests, writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe.

      Must possess six (6) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging cloud and mobile technologies. The focus of this position is on testing the security and implementation of GOV-Cloud systems (Amazon AWS, Google Cloud, and Microsoft Azure and O365, among others), assessing the risks inherent in a cloud implementation, and how that impacts the traditional “on premises” existing architecture. The candidate must also have hands-on experience and expertise with ethical hacking, traditional penetration testing techniques, secure coding practices and threat modeling. Be a self-starter with keen analytical skills, curiosity, agility, and adaptability. The ability to work quickly, willingness to work on ad hoc assignments, work independently as needed, strong written and verbal communication skills, and recognizing the importance of being a team player. In addition, the candidate must possess the following skill set:

      • Able to conduct Penetration Tests and Vulnerability Analysis using Automated and Manual TTPs.
      • Have experience with common cloud implementations and their vulnerabilities
      • Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
      • Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit.
      • Must have solid working experience and knowledge of Windows and Unix/Linux operating systems
      • Firm understanding of network and system architecture and analysis. Fundamentals of network routing & switching, assessing network device configurations, and operating systems (Windows/*nix)
      • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming
      • Strong familiarity with at least one of the following: OWASP top 10, PTES and NIST 800-53.
      • Must be able to work alone or in a small group.
      Daily Responsibilities
      • Performs cloud and network penetration testing, application testing, source code reviews, threat analysis, and social-engineering assessments
      • Briefs executive summary and findings to stakeholders to include Sr. Leadership
      • Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats.
      • Assesses the current state of the customer’s system security by identifying all vulnerabilities and security measures.
      • Helps customer perform analysis and mitigation of security vulnerabilities.
      • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
      • Provide support to incident response teams through capability enhancement and reporting.
      • Mentor Jr and Mid staff members by creating and teaching latest techniques in ethical hacking and vulnerability analysis.
      Preferred but not absolutely required
      •  OSCP, GIAC GPEN, GWAPT or other Penetration Testing certifications
      •  CISSP
      •  Certified Ethical Hacker
      Required
      • DoD Secret Clearance
      • Must possess six (6) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging cloud and mobile technologies
      • A Bachelor’s degree in Computer Science, Information Systems, Engineering, Telecommunications, or similar field required. Master’s degree preferred


        SME Cyber Threat Hunter

        Requirements

        Program Description

        Serves as a Cyber Threat Hunter and Researcher and Malware Analysis Subject Matter Expert (SME) in support of a major federal client. This organization provides services that analyze and produce enhanced cyber security and threat intelligence information to include threats and potential threats to the customer’s information and information systems; provides timely and relevant technical analysis to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for the delivery of written and oral briefings to stakeholders and community partners across the Foreign Affairs community.

        Functional Duties

        The Cyber Threat Hunter and Researcher will support the customer’s overall cyber threat analysis efforts. Performs advanced analysis of adversary tradecraft, malicious code, and Advanced Persistent Threat capabilities. Analyzes computer, communication, network security events and exploits to determine security vulnerabilities and recommend remedial actions. Conducts forensic, malicious code, and packet-level analyses to develop comprehensive technical reports stepping through complete reverse engineering of incidents. Recommends countermeasures based on the identified techniques, tactics, procedures, and behavior patterns used by adversaries. This role is also responsible for developing alert criteria to improve incident response capabilities, and contributes to the development, writing, and reviewing of SOPs.


        Candidate should possess experience with and knowledge of cyber threat and/or intelligence analysis. Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.

        Qualifications

        Education

        • A Bachelor’s Degree in Computer Science, Information Systems, Engineering, Telecommunications, or other related scientific or technical discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree.
        Certifications Desired

        GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), Certified Ethical Hacker (CEH), Encase Certified Examiner (ENCE)

        General Experience

        8-10 years of experience in advanced technical analysis with increasing responsibilities. Demonstrated oral and written communications skills.

        • Good working knowledge of cyber threat analytics
        • Previous experience working in cross functional and interdisciplinary project teams to achieve tactical and strategic objectives
        • Proven ability to document and teach team members how to apply advanced analytic techniques to solve complex problems
        • Solid understanding of enterprise IT cybersecurity operational environments
        Specialized Experience
        • Five years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in a similar skill in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skill
        • Three years of experience in intelligence or technical analysis with a focus on cyber threat analysis.
        • Experience analyzing emerging technologies for potential attack vectors and developing mitigation strategies
        • Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs
        • Experience with gathering open-source and controlled intelligence to develop predictive understanding of adversarial strategies, priorities, and overlapping interests
        • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools
        • Experience writing contract deliverables such as Event Bulletins, Cyber Digests, and Quarterly Summary Reports
        Security Clearance

        TS


          Mid Penetration Tester

          Requirements

          Security Clearance

          Secret/Top Secret preferred

          Years of experience

          3+

          Education

          A Bachelor’s degree in Computer Science, Information Systems, Engineering, Telecommunications, or equivalent work experience.

          Certifications

          Preferred Requirements:

          •  OSCP, GIAC GPEN, GWAPT or other Penetration Testing certifications
          •  CISSP
          •  Certified Ethical Hacker
          Duties

          Must possess three (3) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies. The candidate must have hands-on experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling. Be a self-starter with keen analytical skills, curiosity, agility, and adaptability. The ability to work quickly, willingness to work on ad hoc assignments, strong written and verbal communication skills, and recognizing the importance of being a team player.

          Key Personality traits that will do well in this environment

          •  Inquisitive by nature; you know where to look to find answers
          •  You enjoy collaboration and sharing information with other highly technical people.

          Environment you will work in

          •  The intersection of Cybersecurity and data. No better place to be.
          •  Highly technical and fast-paced environment.
          •  No remote work / no travel

          Daily Responsibilities

          • Performs Vulnerability Assessments and Penetration testing, including Web Application Assessments and Social Engineering.
          • Briefs executive summary and findings to stakeholders to include Sr. Leadership
          • Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats.
          • Assesses the current state of the customer’s network security by identifying all vulnerabilities and security measures.
          • Helps customer perform analysis and mitigation of security vulnerabilities.
          • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
          • Provides incident reporting and response capability
          Requirements

          To fit into our environment you must have these core skills

          • Able to conduct PenTests and Vulnerability Assessments using Automated and Manual TTPs.
          • Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
          • Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit.
          • Must have solid working experience and knowledge of Windows and Unix/Linux operating systems
          • Must be able to work alone or in a small group.
          Desired Skills

          Highly desired skills

          • Familiarity with network and system architecture analysis. Fundamentals of network routing & switching and assessing network device configurations
          • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming
          • Strong familiarity with OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards.


            Cybersecurity Scanning Engineer

            Requirements

            Requires

            DoD Secret Clearance

            Location

            Beltsville, MD

            Position Description Duties
            • Use active vulnerability scanners to perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of the enterprise security posture. Support full life-cycle vulnerability and configuration management. Communicate recommendations to the responsible parties, track remediations and verify security patches and required configurations. Scan the entire enterprise, to include DMZs and physically separate networks
            • Develop and maintain policy and SOP updates
            • Analyze available security information including results of configuration compliance verification, vulnerability assessment, security and system patch information, field reports, OIG reports, and intelligence information to assess the status of remote organization’s cyber security posture
            • Operate, maintain and configure the configuration compliance verification tool; apply regular updates from the vendor; provide operation, troubleshooting, training and helpdesk support
            • Operate, maintain and configure the vulnerability assessment tool suite; apply regular updates from the vendor; provide operation, troubleshooting, training and helpdesk support
            • Operate, maintain and configure the web security assessment tool suite; apply regular updates from the vendor; provide operation, troubleshooting, training and helpdesk support
            • Maintain and operate all hardware supporting the configuration compliance verification and vulnerability assessment activities including system administration, configuration management, technical troubleshooting, backup/recovery, training and user support
            • Develop configuration benchmarks and vulnerability checks based on established configuration standards and CVEs (Common Vulnerabilities and Exposures) using the Security Content Automation Protocol (SCAP)
            • Perform liaison activities with other bureaus and offices
            • Support incident response, threat analysis, forensics and penetration testing teams by performing on-demand and targeted vulnerability scans
            Required

            Working knowledge of and experience in information systems methodology, policy, and standards environment of information security, especially in government is desirable. Excellent written and oral communications skills desired. Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse groups of people is required.

            • Four years of experience in information security, information technology, or related field
            • Experience performing vulnerability and/or compliance scanning in an enterprise network environment
            • Active Secret clearance required
            • Technical knowledge of information technology and cyber security standards and issues is required for this position
            • The CVE (Common Vulnerabilities and Exposures) standard
            • Effective written and verbal communication skills
            • Persistent and polite follow-up with clients in order to maintain project schedule. Good customer service skills are critical to thriving on the team.
            • Problem solving and attention to detail
            Desired Skills, Preferred but not required:
            • Experience using Tanium, Tenable, and/or Rapid 7 products to conduct enterprise security scans.


              Mid Cyber Systems Engineer

              Requirements

              Daily Responsibilities
              • Serve as technical lead on assigned projects and interface directly with customers during requirements gathering, system design, and implementation.
              • Analyze market research and customer requirements; derive high-level system requirements and produce functional and technical requirements.
              • Translate client requirements into major milestones and deliverables
              • Perform system integration activities; Product evaluation, system builds/installation, system assessments, system transition (O&M)
              • Draft supporting system documentation; system design, system diagram, system security plan, etc…
              Requirements
              • 4+ years of Information Security, Systems Integration, Network Engineering, or System Engineering experience
              • Strong troubleshooting skills, analytical problem solving ability, and organizational skills
              • Knowledge of the system development life cycle and Project Management Framework.
              • Excellent communication skills in technical, business, and client interactions
              • Experience working in a dynamic and collaborative environment
              • Linux/Unix system engineering and security hardening experience
              • Windows system engineering and security hardening experience
              • Experience configuring and hardening network switches, routers, and firewalls
              Highly desired skills
              • Experience with IDS/IPS products (Ex: Snort, Suricata, Cisco, ISS, McAfee)
              • Experience with network devices and boundary protections (Ex: Cisco Switching, Firewalls)
              • Experience with Packet Capture & Inspection technology (Ex: RSA Security Analytics, Netwitness, Moloch)
              • Experience working with Automated Dynamic Malware Analysis tools (FireEye)
              • Experience with Information and Event Management technology (SIEM, Splunk, Syslog, RSyslog)
              • Experience supporting Accreditation and Authorization process. Mitigating compliance audit and vulnerability findings.
              • Experience working with Hypervisor and Virtualization technologies (VMware, Citrix, Microsoft Hyper, Red Hat)
              • Experience with Domain Service and Central Service management and deployment (Active Directory, DNS, DHCP, WSUS, NTP)


                Jr OTA Analyst

                Requirements

                Daily Responsibilities
                • Responsible for the analysis and reporting of technical and intelligence information to provide indications, analysis, and trends identified through behavioral analysis of data
                • Perform assessments of malicious or suspicious activities to determine potential security risks
                • Prepare comprehensive and detailed court-ready case documentation and written notes and reports regarding findings.
                • Assist in the development of OTA program policies, processes, and procedures, provide user support, conduct group training sessions, and provide one-on-one tool training services to case agents and supporting personnel.
                • Work location: Rosslyn, VA (full-time, on site)
                Required: Basic Requirements
                • 6 months+ Experience in behavioral, audit, security, and/or policy compliance analysis
                • Ability to work well with and accept challenges in a fast paced, dynamic, team-based environment
                • Ability to write and execute SQL queries
                • Experience with Splunk, EnCase, IBM SPSS platform using the Modeler module
                • Proficiency in process automation using multiple scripting and development tools including, but not limited to: Shell scripting, PowerShell, Perl, Ruby, or Python
                • Enterprise administrative support and deployment of multiple operating systems (e.g. Windows 2008, 2012, Linux)
                • Experience in configuring and troubleshooting Windows servers
                • Understand and utilize Active Directory Domain Services, DHCP, DNS, WINS, TCP/UDP Ports and Protocols
                • Experience working in a virtualized environment (e.g. VMWare)
                • Possesses an understanding of networking fundamentals
                • Possesses working knowledge of firewall administration
                • Strong quantitative and analytic abilities to analyze and validate data
                • Ability to demonstrate effective organizational and technical skills
                • Detail-oriented and have a strong delivery performance (ability to meet deadlines and requests efficiently, multi-task and establish priorities)
                • Ability to quickly learn and understand various company systems
                • Proficiency with MS Office Suite products (Excel, Word, Outlook, Visio, PowerPoint, etc.) and Server
                Desired Skills: Preferred but not required
                • Knowledgeable of Database systems (Oracle and MS SQL)
                • Experience with Direct Attached Storage/SAN and RAID.
                • Experience with hardware and input/output evaluation and optimization
                • Experience with Dell hardware
                • Working knowledge of information security and IT standards like ISO27002, NIST, ITIL, etc.
                • Experience with designing and implementing data models to drive threat analysis
                • Knowledge of cyber threat indicators
                • Ability to prepare and present briefings
                • Technical knowledge of Microsoft Operating Systems


                  Mid Vulnerability Analyst/Penetration Tester

                  Requirements

                  Labor Category

                  Mid Engineer/Analyst

                  Location

                  Arlington, VA (Rosslyn)

                  Security Clearance

                  DoD Secret Clearance

                  Years of experience

                  3+

                  Education

                  A Bachelor’s degree in Computer Science, Information Systems, Engineering, Telecommunications, or equivalent work experience.

                  Certifications

                  Preferred Requirements:

                  •  OSCP, GIAC GPEN, GWAPT or other Penetration Testing certifications
                  •  CISSP
                  •  Certified Ethical Hacker
                  Duties

                  Project Overview:
                  Provides Vulnerability Assessment and Penetration testing support to a Cabinet level federal agency. Contributes to a team of information assurance professionals working to improve network security posture. Duties include writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe.

                  Must possess three (3) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies. The candidate must have hands-on experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling. Be a self-starter with keen analytical skills, curiosity, agility, and adaptability. The ability to work quickly, willingness to work on ad hoc assignments, strong written and verbal communication skills, and recognizing the importance of being a team player.

                  Key Personality traits that will do well in this environment

                  • Inquisitive by nature; you know where to look to find answers
                  • You enjoy collaboration and sharing information with other highly technical people.

                  Environment you will work in

                  • The intersection of Cybersecurity and data. No better place to be.
                  • Highly technical and fast-paced environment.
                  • No remote work / no travel

                  Daily Responsibilities:

                  • Performs Vulnerability Assessments and Penetration testing, including Web Application Assessments and Social Engineering.
                  • Briefs executive summary and findings to stakeholders to include Sr. Leadership
                  • Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats.
                  • Assesses the current state of the customer’s network security by identifying all vulnerabilities and security measures.
                  • Helps customer perform analysis and mitigation of security vulnerabilities.
                  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
                  • Provides incident reporting and response capability.
                  Requirements

                  To fit into our environment you must have these core skills:

                  • Able to conduct PenTests and Vulnerability Assessments using Automated and Manual TTPs.
                  • Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
                  • Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit.
                  • Must have solid working experience and knowledge of Windows and Unix/Linux operating systems.
                  • Must be able to work alone or in a small group.
                  Desired Skills

                  Highly desired skills

                  • Familiarity with network and system architecture analysis, fundamentals of network routing & switching, and assessing network device configurations
                  • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming
                  • Strong familiarity with OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards.


                    Sr TAB Analyst

                    Requirements

                    Daily Responsibilities

                    The Cyber Threat and Intelligence Analyst will support the customer’s overall cyber threat analysis efforts. Candidate should possess experience with and knowledge of cyber threat and/or intelligence analysis. Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.

                    Researches, analyzes, and writes documents such as cybersecurity intelligence bulletins, alerts, and briefings. Ensures documentation is accurate, complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. Ensures content is developed in an appropriate style for the intended audience to include presentations, bulletins, white papers, memos, policies, briefings, and other products. Acquires subject knowledge by collaborating with analysts and engineers. Assists in coordinating projects from the planning stage, provides additional or missing materials, and edits for content format, flow, and integrity. Researches topics and collaborates with stakeholders to understand communication product requirements; analyzes business problems and helps prescribe communication solutions.

                    Travel Required

                    Some travel to any location worldwide may be required up to 10% of the time.

                    Skills

                    To fit into our environment, you must have these core skills:

                    • 5+ years of experience in intelligence or technical analysis with increasing responsibilities.
                    • Demonstrated oral and written communications skills
                    • Strong technical writing skills
                    • Excellent working knowledge of cyber threat intelligence analysis and basic cybersecurity principles
                    • Prior military or intelligence community experience and/or formal analytic training/certification
                    • Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level
                    • Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives
                    • Highly motivated to pro-actively seek out emerging threats and technologies
                    Highly desired skills
                    • 3+ years of experience in technical analysis with a focus on cyber threat analysis.
                    • Knowledge of geopolitical issues and events and the use of cyber tools & techniques to influence them
                    • One or more geographic areas of expertise, e.g. East Asia and Pacific, South and Central Asia, Near Eastern, European and Eurasian, South American or African areas.
                    • Experience using the MITRE ATT&CK framework
                    • Demonstrated expertise in deploying and maintaining tools to facilitate the flow of intelligence analysis and reports
                    • Experience with All Source production and knowledge of cyber/technical intelligence
                    Education

                    A Bachelor’s Degree in Computer Science, Information Systems, Intelligence, English, Communications, History, International Affairs or Studies, or other related technical or liberal arts discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree. Master’s degree preferred.

                    Preferred Certifications

                    Security+, CySA+, CEH, CCSP
