Cyber Threat Analysts

Job Title:             Cyber Threat Analysts 

Location:            Arlington, VA 

Terms:                     Full-time 

Requirements:       Must be a U.S. Citizen with Active Security Clearance 

About the Role  

Multiple mid-to-senior level roles available in the Cyber Threat Analysis Division (CTAD). CTAD addresses cyber threats affecting the Department of State’s information infrastructure through information sharing, analysis (e.g. trends, modeling, and attribution), customized threat reporting, and support to law enforcement, intelligence, and counterintelligence operations (e.g. threat hunting).  

Current Analyst Position Openings: 

• Cyber Investigation Analyst  
• Operational Threats and Analysis (OTA) 
• Indications and Warnings (I&W) 

Target Salary Ranges from $90,000-$140,000 

Cyber Investigation Analyst responsibilities: 

• Need to be able to identify APT activity and recommend mitigation procedures. 
• Be familiar with MITRE Attack Framework and Diamond Modeling. 
• Design and define system architecture for new or existing complex computer systems. 
• Determine systems specifications, input/output processes, and working parameters for hardware/software compatibility and maintenance of system security. 
• Successfully coordinate design of subsystems and integration of total system. 
• Identify, analyze, and be able to resolve program support deficiencies. 
• Develop and recommend corrective actions. 
• Be proficient in providing technical guidance for database administrators and software developers. 

Qualifications: Basic Requirements: 

• Bachelors and 9 years of overall cyber experience; Four (4) additional years of experience may be substituted in lieu of the degree requirement.  
• Possess or be able to obtain one of the following certifications prior to start date:  
• CASP CE, CCNP Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), Cloud , CND, CySA , GCED, GCIH, GICSP, or SSCP 
• Be familiar with MITRE Attack Framework and Diamond Modeling. 
• Experience with design and defining system architecture for new or existing complex computer systems. 
• Experience in domain and virus detections tools.  
• U.S. citizenship required.  
• An active Top Secret with ability to obtain a final TS/SCI security clearance.  

Preferred Requirements:  

• Expertise in and with Domain Tools & Virus detection. 
• IAT Level II Qualification with:  
• GCIH 
• CYSA 
• FOR578 

OTA Analyst responsibilities: 

• Support the Operational Threats & Analysis (OTA) Team. 
• Audit for counterintelligence, insider threat, and criminal activities. pertaining to Diplomatic Security jurisdiction on the network. 
• Recommend strategies for assessing inappropriate use of the Department’s networks; research and recommend tools for monitoring employee computer use and assessing user behavior. 
• Provide support to DS criminal investigators. 
• Perform in-depth log analysis to determine trend, patterns, and suspicious activity. 
• Interface and coordinate with other U.S. Government, Intelligence Community, and Law Enforcement organizations performing insider threat auditing. 

Qualifications: Basic Requirements 

• A bachelor’s degree and a minimum of 5 years’ relevant experience. An additional 4 years of experience may be considered in lieu of degree. 
• Possess ONE of the following certifications: 
• CAP, CASP CE, CCISO, CCNA-Security, CISM, CISSP (or Associate), CISSP (or Associate), CND, CSSLP, CySA , GICSP, GSEC, GSLC, Security CE, SSCP, PPDA, Agile IC, SNOW App Dev. 
• Experience performing threat analysis. 
• Experience with a User Activity Monitoring (UAM) tool. 
• Experience dealing with security or law enforcement investigative personnel. 
• Experience working in a Security Operations Center (SOC) in general, in analyzing network traffic. 
• U.S. citizenship required. 
• Active Top Secret security clearance, 
• The ability to obtain a final Top Secret/SCI security clearance. 

Sr Cyber Intel Analyst I&W: 

• Leverage open-source, proprietary/vendor, and classified reporting to closely track advanced persistent threat actor activity. 
• Perform pattern, trend, and behavior analysis, as well as other specialized analysis techniques to identify malicious cyber threat activity targeting DOS information, systems and personnel. 
• Maintain records to catalog and track malicious cyber threat activity targeting DOS information, systems and personnel. 
• Identify Indicators of Compromise (IOCs) present on an Enterprise network through the use of a SIEM and other security tools and logs. 
• Liaise with members of the Intelligence Community (IC); and Acts as the fusion analysis cell within Cyber Threat Analysis Division (CTAD). 
• Provide presentations to a variety of technical and non-technical audiences pertaining to cyber threats. 
• For up to 10% travel to foreign and domestic locations. 

Qualifications: Basic Requirements 

• Bachelor's degree and 9 years of experience is required. An additional 4 years of experience may be considered in lieu of degree. 
• Possess ONE of the following certifications: 
• CASP CE, CCNP Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), Cloud , CND, CySA , GCED, GCIH, GICSP, or SSCP 
• Experience with Splunk SIEM. 
• Experience leveraging the MITRE ATT&CK matrix or other threat models (e.g. Lockheed Martin Kill Chain, Diamond Model). 
• Knowledge or experience tracking advanced persistent threats (APTs). 
• Knowledge or experience pivoting from IOCs to identify related infrastructure. 
• Demonstrated written communication skills, communicating technical topics in an analytic fashion. 
• Experience briefing individuals and large groups, ranging from the working to executive level. 
• Demonstrated ability to work independently as well as with a team of other analysts. 
• Active U.S. Passport and the ability to travel up to two weeks at a time, both foreign and domestically (up to10%). 
• U.S. citizenship required. 
• Active Top Secret security clearance with SCI eligibility. 

About us: 

Cyber Management International Corporation is actively recruiting highly IT Security professionals looking for challenging, exciting work in support of the U.S. Department of State (DOS). Specifically, our customer is the Bureau of Diplomatic Security (DS), Directorate of Cyber and Technology Security (CTS). DS/CTS is a center of excellence that brings together cybersecurity, technology security, and investigative expertise as a unified security capability focused on solving critical and emerging issues enabling the State Department to fulfill its vital global mission.   

For more information about our company, please visit www.cybermgt.com or email us at recruiting@cybermgt.com