Counterintelligence Cyber Officer Level 4 - Threat Analyst

Location: St. Louis, MO
Date Posted: 11-01-2018
Contractor Team Chiefs will oversee production. They will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted with in established time frames. Team Chiefs will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements:
  • Produce weekly, monthly, quarterly, and annual actionable Technical CI threat reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary.  
  • Produce CI Information Reports and IIRs from data collected and reported by either the Technical CI team or the NGA cyber security personnel. 
  • Perform inquiries and develop leads of anomalous activity using automated investigative tools as well as conducting open source and classified research to identify patterns, commonalities, and linkages.
  • Provide Technical CI advice and expertise in support of CI inquiries, operations and issues.
  • Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers.
  • Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner and ability to self-edit and produce properly sourced and grammatically correct intelligence products. 
  • Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing.
  • Ability to collaborate with internal NGA and external IC/Cyber community members.
  • Coordinate CI Cyber activities originating from Enterprise Incident Response Events.
  • Conduct liaison between CI Office and Cyber Security Operations Center (CSOC).
  • Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures.


Duties may include:
  • Produce weekly actionable cyber CI cyber threat reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary.  Threats reports will include:
    • Threat data collected and reported by NGA Cyber CI team and network security personnel.
    • Intelligence reported by the Intelligence Community.
    • Fusion of all source threat analysis derived from multiple intelligence sources (INTS).
    • Imagery when available.
    • Information that can be used to inform cyber security decisions.
  • Produce monthly cyber CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Threat reports should include:
    • Compilation of data collected and reported in weekly products.
    • Intelligence reported by the Intelligence Community.
    • Fused All Source threat analysis derived from multiple INT’s.
    • Imagery when available.
    •  Depiction of cyber threat (s) to NGA to inform cyber security decision makers.
  • Produce quarterly cyber CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Threat reports should include:
    •  Compilation of data collected and reported in weekly and monthly products.
    •  Intelligence reported by the Intelligence Community.
    •  Fused all source threat analysis derived from multiple INT’s.
    •  Include imagery when available.
    •  Depiction of cyber threat (s) to NGA to inform cyber security decisions.
  • Produce annual cyber CI threat studies in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Annual threat studies are based on the fiscal year timeline. Threat studies should include:
    •  Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products.
    •  Raw and finished Intelligence reported by the Intelligence Community.
    •  Fused all source threat analysis derived from multiple INT’s.
    •  Include imagery when available.
    •  Analytic judgments, intelligence gaps, and overall cyber threat (s) to NGA.
  • Produce CI Information Reports on an as needed/required basis. Produce IIRs from data collected and reported by either the cyber CI team or the NGA cyber security personnel. Effective IIR writing requires:
    • Coordination with teammates and NGA cyber security to ensure accuracy of reported information.
    • Cross referencing local information reporting with Intelligence Community reporting.
    • Clear and concise writing to briefly convey threat.
    • Responsiveness to Intelligence Community priority collections requirements.
    • Timeliness.
  • Perform inquiries of anomalous activity using cyber or related automated investigative tools (using most, if not all of the following: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE and Proton).
  • Provide cyber CI advice and expertise in support of CI inquiries, operations and issues.
  • Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners.
  • Conduct research, evaluate collection, and perform analysis on cyber intelligence topics of interest to SIC leadership, analysts and customers.
  • Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. 
  • Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages.
  • Demonstrate current subject matter expertise on cyber issues, threats and trends.
  • Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards.
  • Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing.
  • Display an ability to collaborate with internal NGA and external IC/Cyber community members.
 

Skills and Experience:

Required:
  • Shall possess a minimum of 11 years’ experience, with a minimum of 5 years Technical Threat Analysis or cyber investigations experience.
  • Shall possess strong research, critical thinking and analytic skills. Strong written and oral communication skills.
  • Shall possess a Bachelor’s Degree (in Computer Science, Engineering, or a related technical discipline preferred).


Desired:
  • Possess post-graduate degree in Computer Science, Engineering, or a related technical discipline.
  • Shall be a credentialed graduate of an accredited federal or DoD CI training academy.
  • Demonstrates experience with foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to the US Government. 


SECURITY CLEARANCE IS REQUIRED
 
AC4S is an Equal Opportunity Employer, including disabled and vets
this job portal is powered by CATS
Powered by CATS.