Leidos is seeking candidates for an open position as a Counter Intelligence Cyber Threat Analyst to support our government customer in Springfield, VA. An ACTIVE TS/SCI with Polygraph is REQUIRED to be considered. The selected candidate will produce, on average per annum, 36 weekly threat reports, 8 monthly threat reports, three quarterly threat reports, and one annual threat study for each specific focus or area. In addition, each analyst will average 6 reports of inquiry (ROI) and/or requests for information (RFI) and publish or contribute to 9 Intelligence Information Reports (IIR). Finally, each analyst will produce, on average, 48 weekly status reports.
- Produce 36 weekly actionable Technical CI Cyber, TSCM, TEMPEST threat reports in collaboration with teammates, partners and IC peers. These reports should include items such as threat data collected and reported by agency Technical CI team and network security personnel, intelligence reported by the IC, fusion of all source threat analysis derived from multiple intelligence sources (INTS), imagery when available and information that can be used to inform security decisions
- Produce 8 monthly Technical CI Cyber threat reports in collaboration with teammates, partners and IC peers that should include compilation of data collected and reported in weekly products, intelligence reported by the IC, fused all source threat analysis derived from multiple INTs, imagery when available, and depiction of Technical CI threats to the agency to inform security decision makers
- Produce quarterly Technical CI Cyber threat reports in collaboration with teammates, partners and IC peers that should include compilation of data collected and reported in weekly and monthly products, intelligence reported by the IC, fused all source threat analysis derived from multiple INTs, imagery when available, and depiction of Technical CI Cyber threats to the agency to inform security decisions
- Produce annual Technical CI Cyber threat studies in collaboration with teammates, agency partners and IC peers as necessary to include compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products, raw and finished intelligence reported by the IC, fused all source threat analysis derived from multiple INTs, imagery when available and analytic judgments, intelligence gaps, and overall technical threats agency to
- Produce 6 CI Information Reports and IIRs from data collected and reported by either the Technical CI team or the agency cyber security personnel. Effective IIR writings should include coordination with teammates and stakeholders to ensure accuracy of reported information, cross referencing local information reporting with IC reporting, clear and concise writing to briefly convey threat, responsiveness to IC priority collections requirements and timeliness
- Perform inquiries of anomalous activity using automated investigative tools such as M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE or Criss Cross
- Provide Technical CI Cyber advice and expertise in support of CI inquiries, operations and issues
- Develop leads by detecting anomalous activity, conducting open source and classified research, and liaising with internal and external partners.
- Conduct research, evaluate collection, and perform analysis on Technical CI Cyber intelligence topics of interest to leadership, analysts and customers
- Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner
- Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages
- Demonstrate current subject matter expertise on Technical CI Cyber issues, threats and trends such as Cyber/Technical Surveillance threats
- Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards
- Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing
- Display an ability to collaborate with internal agency and external IC/Cyber community members
- Coordinate CI Cyber activities originating from Enterprise Incident Response Events
- Conduct liaison between CI Office and Cyber Security Operations Center (CSOC)
- Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures
- Bachelor's degree and a minimum of 7 years of Threat Analysis experience, of which at least 5 years include Technical Threat Analysis experience or cyber investigations, or equivalent experience in lieu of degree.
- ACTIVE TS/SCI with POLY required.
- Experience with automated investigative tools such as M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE or Criss Cross
- Be a credentialed graduate of an accredited federal or DoD CI training academy
- Possess a Bachelor's degree in Science, Technology, Engineering or Mathematics disciplines.
- Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines.
- Demonstrate experience with foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov.
"External Referral Eligible"