Cybersecurity SME

The Senior Cyber Analyst Subject Matter Expert (SME) will support the Cybersecurity and Infrastructure Security Agency (CISA) by investigating, analyzing, and responding to cybersecurity incidents. This role involves analyzing cybersecurity reporting, both vulnerability (environmental) and threat (actor) related, and developing repeatable and effective processes for Standard Operating Procedures (SOPs) and Work Instructions (WIs). The analyst will assist in cyber analysis operations, ensuring adherence to agency SOPs, quality control standards, and best practices. Additionally, the role requires analyzing cyber reporting and other data sets to inform agency leadership and recommend adjustments based on changes in the operational environment and adversary activities. This role demands a seasoned professional with a minimum of 10 years of experience in the field, capable of delivering high-quality cybersecurity threat assessments.

What you will do as a Senior Cybersecurity SME:

• Investigate and analyze cybersecurity incidents, understand and coordinate file signature analysis and real-time forensic analysis.
• Collect, process, analyze, and disseminate descriptive and predictive cybersecurity threat assessments.
• Identify cyber threat tactics and methodologies and determine the operational and safety impacts of cybersecurity lapses.
• Generate and answer requests for information, identifying cyber threat intelligence (CTI) gaps and shortfalls.
• Facilitate continuously updated information, analysis, and visualization to provide situational awareness, and input to common operational picture.
• Identify anomalous network activity and potential threats to network resources, recommending appropriate vulnerability remediation strategies.
• Prepare threat and target briefings, situational updates, and network intrusion reports.
• Develop and document repeatable and effective processes for SOPs and WIs.
• Assess operation performance and impact, and scope analysis reports to various audiences considering data sharing classification restrictions.
• Monitor changes to designated cyber operations warning problem sets and prepare change reports.
• Monitor open-source websites for hostile content directed towards stakeholder interests.
• Report on adversarial activities that fulfill priority information requirements and notify appropriate personnel of imminent hostile intentions or activities.

Qualifications:

• US Citizen (the nature of our contract requires employees be US citizens).
• Top Secret clearance required.
• At least 10 years of experience.
• Bachelor’s degree preferred.
• Strong analytical and problem-solving skills with the ability to conduct in-depth research and analysis.
• Excellent communication skills, both written and verbal, for reporting and stakeholder engagement.
• Proficiency in using cybersecurity frameworks and tools for forensic analysis.
• Experience in developing and documenting effective cybersecurity processes and procedures.
• Ability to work collaboratively in a team environment and manage multiple tasks simultaneously.
• Familiarity with emerging technologies and trends in cybersecurity.
• Strong understanding of network security principles and intrusion detection methodologies.
• Ability to identify and mitigate cybersecurity threats and vulnerabilities effectively.
• Ability to be on site in Arlington, VA.

Preferred Qualifications:

• Relevant certifications such as CISM, CEH, or GIAC.
• Experience with Mitre ATT&CK and other analytic frameworks.
• Experience in the energy sector or other critical infrastructure industries.