ICS Cyber Threat Intelligence Analyst
STEMBoard
Arlington, virginia
Job Details
Not Specified
Full Job Description
Currently hiring an Industrial Control System Cyber Threat Intelligence Analyst for its Federal Strategic Cyber program in Arlington, VA.
In this role, you will:
- Integrate multiple intelligence sources to develop products, recommendations, and inform priorities for the organization.
- Perform research and investigates current threats in operational technology, specific critical infrastructure sectors, and mission areas to inform senior leaders and drive priorities for operational teams, including the forward deployed incident response and threat hunting functions.
- Analyze collected data to derive facts and projections concerning capabilities, intentions, attack approaches—research resource allocations, motivations, tendencies, personalities; and contribute to profiling adversarial behavior with respect to identified system attacks in the context of the critical infrastructure mission.
- Research and review cyber warfare tactics, techniques, and procedures focused on the threat to information networks.
- Prepare assessments and cyber threat profiles of current and planned products based on recent and current trends within ICS/SCADA.
- Escalate new or high threats to the ICS Incident Response Teams as required.
- Research OT defensive tactics, techniques, and procedures (TTPs) for detecting and responding to cyber threats.
- Map ICS activity and threats using MITRE ATT&CK Framework.
- Seamlessly work alongside a team of host, network, and cloud forensic to meet the mission requirements for both incident response and threat hunting engagements.
- Serve as subject matter expert (SME) for ICS Security activities.
- Identify potential open-source vulnerabilities existing within ICS/SCADA.
- Identify and assess current and emerging threats and vulnerabilities as they relate to homeland security.
- Identify classified threat intelligence reporting related to ICS/SCADA and analyze for adversary intent and capability.
Requirements
Required Experience:
- Bachelor's degree and 5 years; Master's degree and 3 years; Associates and 7 years or 9 years of relevant experience in lieu of a degree, performing and processing triage, threat analysis, and response to cyber incident reports.
- Critical infrastructure sector threat analysis experience.
- Experience in Intelligence Analysis, including All Source as it relates to Cyber actors.
- Knowledge of advanced threat analysis technology in telecommunications, computer science, or electronic warfare.
- Experience producing and completing all-source (unclassified and classified) finished intelligence assessments that adhere to the ICD203 analytic tradecraft standards.
- U.S. citizenship
- An Active Top Secret Security Clearance.
Preferred Certifications:
- IAT Level II Certification
- SANS Global Industrial Cyber Security Professional (GICSP)
- SANS GIAC Response and Industrial Defense (GRID)
- SANS GIAC Cyber Threat Intelligence (GCTI)
Benefits
- Healthcare, Vision, and Dental Insurance
- 20 Days of Paid Time Off
- 11 Observed Federal Holidays
- Military Leave
- 401K Matching
- Training/Certification Reimbursement
- Short term/Long term disability
- Parental/Maternity Leave
- Life Insurance
STEMBoard is committed to hiring and retaining a diverse workforce. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age, or genetic information. Selected applicant will be subject to a background investigation. STEMBoard is an Equal Opportunity/Affirmative Action employer.