Location: Oak Ridge, Tennessee
Job Title: Threat Intel Analyst
Career Level From: Associate
Career Level To: Senior Specialist
Organization: Chief Information Security Off (50003144)
Job Specialty: Cyber Security
What You'll Do
Cyber Threat Intelligence Analyst shall:
- Answer requests for information.
- Provide subject matter expertise to the development of a common operational picture.
- Maintain a common intelligence picture.
- Provide subject matter expertise to the development of cyber operations specific indicators.
- Assist in the coordination, validation, and management of all-source collection requirements, plans, and/or activities.
- Assist in the identification of intelligence collection shortfalls.
- Brief threat and/or target current situations.
- Collaborate with intelligence analysts/targeting organizations involved in related areas.
- Conduct in-depth research and analysis.
- Conduct nodal analysis.
- Identify threats to Blue Force vulnerabilities.
- Identify threat tactics and methodologies.
- Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc., as related to designated cyber operations warning problem sets.
- Monitor and report on validated threat activities.
- Monitor open-source websites for hostile content directed towards organizational or partner interests.
- Monitor operational environment and report on adversarial activities which fulfill leadership's priority information requirements.
- Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
- Provide subject-matter expertise and support to planning/developmental forums and working groups as appropriate.
- Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements, and operations.
- Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations.
- Work closely with planners, intelligence analysts, and collection managers to ensure intelligence requirements and collection plans are accurate and up-to-date.
What You Can Expect
- Meaningful work and unique opportunities to support missions vital to national and global security
- Top-notch, dedicated colleagues
- Generous pay and benefits with a stable organization
- Career advancement and professional development programs
- Work-life balance fostered through flexible work options and wellness initiatives
Minimum Job Requirements
- Bachelor's degree in engineering/science/information technology discipline.
- Master's degree in engineering/science/information technology discipline.
- Eight or more years of relevant education, training and/or progressive experience may be considered to satisfy the education and years-of-experience requirements for this posting.
- Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. Requires a TS/SCI and 'Q' clearance; however, all qualified candidates will be considered regardless of their current clearance status. (The ability to obtain and maintain a Department of Energy 'Q' clearance is required).
Preferred Job Requirements
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
- Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
- Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
- Knowledge of cyber intelligence/information collection capabilities and repositories.
- Expert communication and writing skills.
- Proven organizational skills and strong attention to detail.
- Knowledge of network traffic analysis methods.
- Knowledge of website types, administration, functions, and content management system (CMS).
- Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
- Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
- Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
- Knowledge of general supervisory control and data acquisition (SCADA) system components.
- Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability.
- Knowledge of current computer-based intrusion sets.
- Knowledge of how internet applications work (SMTP email, web-based email, chat clients, VOIP).
- Knowledge of how to extract, analyze, and use metadata.
- Knowledge of intelligence preparation of the environment and similar processes.
- Knowledge of intelligence support to planning, execution, and assessment.
- Knowledge of the ways in which targets or threats use the internet.
- Knowledge of threat and/or target systems.
- Knowledge of what constitutes a “threat” to a network.
- Skill in conducting non-attributable research.
- Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
- Skill in evaluating information for reliability, validity, and relevance.
- Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.
- Skill in identifying critical target elements, to include critical target elements for the cyber domain.
- Skill in identifying cyber threats which may jeopardize organization and/or partner interests.
- Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
- Skill in writing, reviewing and editing cyber related intelligence/assessment products from multiple sources.
Why Pantex and Y-12?
You get #morethanajob. We encourage employees to achieve a healthy personal balance among home, work and the community. One of the ways we embrace work-life balance is by offering flexible work arrangements that provide alternatives to the traditional workweek, while still meeting business needs. Top talent and personal commitment mean more to our success than any other factors, so we reward our people with the kinds of benefits that make a positive difference in the quality of their lives. Benefits such as: medical plan, prescription drug plan, vision plan, dental plan, employer matched 401(k) savings plan, disability coverage, education reimbursement and many more. Want to stay healthy and fit but hate the cost of a gym membership? Take advantage of one of our onsite workout facilities and eat healthy in our onsite cafeterias. Much more than a workplace, at Pantex and Y-12, you can build a career that lasts a lifetime.