Junior Cyber Threat Intelligence Analyst
at Chenega Corporation
Washington, DC 20416, USA
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 23 Apr, 2025 | USD 103400 Annual | 24 Jan, 2025 | 3 year(s) or above | Intelligence, Source Intelligence, Threat Intelligence | No | No |
Description:
WASHINGTON DC
Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!
Chenega Systems (CS) provides federal agencies empowered solutions in Cybersecurity and Data Visualization. Our Subject Matter Experts offer decades of experience working in the federal marketplace and the data visualization environment.
The Junior Cyber Threat Intelligence Analyst identifies potential and real threats to computing infrastructure and data and provides risk mitigation strategies and recommendations. The analyst's insights inform and shape risk by enabling the external threat to be analyzed alongside the internal vulnerability for appropriate prioritization.
Responsibilities:
- Provide assessments of the intentions of adversary groups to conduct computer network exploitation (CNE) and computer network attack (CNA) against the customer, U.S. private sector/industry networks, and information systems
- Monitor and consume both domestic and international / government and commercial open source, industry-sector, and classified Cyber Threat Intelligence sources to include tactical, operational, and strategic types to assess and manage potential cyber threats to IT and information assets
- Review the ingest of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts from external sources to identify threats facing the environment, the environment’s exposure and attack surface, and aid in constructing attack vectors specific to the scope of the assessment
- Monitor common social media platforms and assist in the investigation of any posts that raise cybersecurity or reputational concerns
- Monitor common code-sharing platforms and developer collaboration forums for risks related to IT systems or code
- Integrate activities and product development with relevant intelligence programs from the Department of Homeland Security (DHS) and Intelligence Community (IC), as appropriate
- Identify and create strategic and operational threat intelligence products that provide insight into malicious cyber actors’ motives and attempts to infiltrate, exploit, or exfiltrate data from networks and systems
- Review Open-Source Intelligence (OSINT) on the target environment.
- Obtain Closed-Source Intelligence to identify threat history and closed-source reporting on threats
- Provide the customer with reports (both a classified and unclassified version, if necessary, and determined by the relevant classification guides) synthesizing the cyber threat intelligence derived from OSINT and closed-source reporting, as well as a listing of adversaries of interest, and a listing of their known TTPs
- Recommend CTI program and policy changes, perform risk assessments and analysis, and inform leadership of risk and risk mitigation strategies
- Identify and track Advanced Persistent Threats (APT), Cybercriminals, and Hacktivists
- Create and deliver cyber threat briefings to key cybersecurity stakeholders and senior SBA leadership
- Use current threat data, industry best practices, and advanced tools and practices to conduct assessments and analysis of the IT systems and report any findings and recommendations for mitigating risks and threats and improving the cybersecurity posture with minimal impact on system performance
- Provide Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) related to these threats for analysis and execution by applicable functional areas
- Create initial and ongoing Prioritized Intelligence Requirements (PIR) Reports based on information released concerning current and future threats (to include threat actors) that have an impact on the customer
- Respond to leadership-identified Prioritized Intelligence Requirements (PIR), produce an Analysis Report, and provide feedback on PIR activities observed, intelligence report, and other support services to internal and external stakeholders (CIO, CISO, SBA SOC, and SBA)
- Create, monitor, and present weekly Advanced Persistent Threat (APT) and Cybercriminal Tracker Report detailing the status of the request
- Create and maintain the Cyber Threat Intel SOP and continuously update the processes
- Provide results of analysis in the Cyber Threat Intelligence Report to include the Vulnerability and Mitigation Report, Incident and Malware Analysis Report, Ad hoc Ongoing Alert Reports, and the Intelligence Community Directives (ICDs) established by the Director of National Intelligence (DNI)
- Enable synchronization of intelligence support plans across partner organizations as required
- Coordinate with outside intelligence planners to ensure collection managers receive information requirements
- Establish relationships and cooperation with intelligence Teams from other federal agencies
- Develop a working relationship with Law Enforcement
- Develop a proactive method of monitoring the darknet for any information indicating a potential threat to IT systems, information assets, or employees
- Draft Intelligence Collection and Production Requirements to submit to the intelligence community
- Analysis of incidents and confirmed data breaches derived from internal and external sources and leverage for the benefit of the customer
- Analysis of all known cyber threat actors, actions, and intentions to develop and maintain a prioritized list of those most likely to target the customer and the small business community
- Analysis of internal and external sources of Threat Intelligence to determine impact and proactively deploy mitigations.
- Threat Intelligence reporting to provide situational awareness derived from internal and external sources
- Delivery of cyber threat briefings to stakeholders, including agency leadership, IT stakeholders, and ISSOs, as well as general user awareness of active and emerging IT threats
- Develop, maintain, and update the Cyber Threat Intelligence Concept of Operations and Internal Operating Procedures (IOP)
- Other duties as assigned
Qualifications:
- Bachelor’s degree in Cybersecurity, Intelligence, or a related discipline
- Additional years of experience can be used in lieu of a degree
- 3+ years of experience in cyber threat intelligence
- CompTIA Security+ or similar level certification
- Background check
KNOWLEDGE, SKILLS, AND ABILITIES:
- Knowledge of well-known APTs and their TTPs
- Experience with open-source and closed-source intelligence
REQUIREMENT SUMMARY
Min: 3.0, Max: 8.0 year(s)
Information Technology/IT
IT Software - Other
Software Engineering
Graduate
Cybersecurity intelligence or a related discipline
Proficient
1
Washington, DC 20416, USA