Senior Cyber Indications and Warning Analyst

We are seeking a highly motivated and experienced Senior Cyber Indications and Warnings Analyst to support the Department of Homeland Security’s efforts in cybersecurity reporting and response. This role requires an individual with demonstrated expertise in analyzing cybersecurity incidents, delivering timely reports, and providing actionable insights to enhance organizational cybersecurity posture. The successful candidate will contribute to three critical functions: Indications and Warning, Analysis, and Production and Requirements Management.

What you will do as a Senior Cyber Indications and Warnings Analyst:

• Triage, assess, and provide context to cybersecurity events and indications of compromise.
• Develop and disseminate timely cybersecurity reports, including notifications of incidents or attacks, to support response efforts.
• Answer key operational questions, such as whether compromises are being attempted or were successful and assess their technical and broader impacts.
• Conduct descriptive and predictive analysis to identify adversarial changes, correlations between events, and environmental factors that impact operational priorities.
• Assess events to provide operationally relevant insights that inform response strategies.
• Collaborate with stakeholders to identify risks and recommend appropriate mitigation and response actions.
• Identify, prioritize, and manage analytic production requirements, including Requests for Information (RFI) and operational data needs.
• Coordinate with internal and external organizations to ensure information needs are met and align with operational objectives.
• Develop, write, and maintain Standard Operating Procedures (SOPs) for cybersecurity reporting processes.

Qualifications:

• US Citizen (the nature of our contract requires employees be US citizens).
• Top Secret clearance required.
• At least 10 years of experience.
• Bachelor’s degree preferred. 
• Demonstrated expertise in reviewing and assessing cybersecurity reports, including indications of compromise.
• Demonstrated expertise in writing, preparing, and coordinating cybersecurity reports and incident notifications.
• Demonstrated expertise in evaluating technical and operational impacts of cyber incidents at both organizational and broader infrastructure levels.
• Strong communication skills to coordinate with stakeholders and disseminate critical information effectively.
• Familiarity with cybersecurity frameworks, policies, and regulations relevant to federal operations.
• Self-starter with strong problem-solving and critical-thinking abilities.
• Ability to collaborate across teams and organizations to ensure timely and actionable intelligence.
• Comfortable adapting to and improving incomplete or evolving processes.
• Ability to be on-site in Arlington, VA - this is on-site shift work.