Cyber Intel Analyst Job Description
Cyber Intel Analyst Duties & Responsibilities
To write an effective cyber intel analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber intel analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Intel Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Intel Analyst
List any licenses or certifications required by the position: IAT, CISSP, SANS, CEH, CCNA, SSL, IAM, GIAC, CCE, ACE
Education for Cyber Intel Analyst
Typically a job would require a certain level of education.
Employers hiring for the cyber intel analyst job most commonly prefer their future employee to have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Technology, Education, Computer Engineering, Intelligence, Technical, Cyber Security, Information Security, Electrical Engineering, Mathematics
Skills for Cyber Intel Analyst
Desired skills for cyber intel analyst include:
Desired experience for cyber intel analyst includes:
Cyber Intel Analyst Examples
Cyber Intel Analyst Job Description
- Thoroughly review incoming requests for digital forensic services for completeness to enable digital forensics examinations
- Work with customers from DoD law enforcement and legal communities, internal subject matter experts, and government leadership to resolve any questions or issues regarding incoming requests for service, existing digital forensics exams, or requests for information
- Maintain close communication with military and DoD LE/CI customers via phone, email, and in-person meetings
- Present technical and nontechnical information to a variety of audiences, including senior leadership
- Track action items and maintain documentation as necessary
- Utilize subject matter experts as knowledge resources, and escalate issues to leadership when necessary
- Maintain strict adherence to policies and procedures
- Work with systems engineers and software developers to assist in creation or enhancement of customer-focused products
- Work with lab leadership to innovate solutions to improve customer service
- Track metrics and analyze trends
- On the DISA GSM-O program supporting the DISA CONUS Field
- Shifts are staffed 24x7
- Prepare detailed analysis reports, products, cyber threat assessments, and briefings of security incidents
- Ability to lead others and deliver results (brief leadership, customers)
- Intelligence – indicators, contacts, information gathering, OPSEC, OSINT
- Experience with security tools such as Nmap, Metasploit, Kali Linux, Burp Suite Pro, other various testing tools
Cyber Intel Analyst Job Description
- Serves as an Intelligence Specialist with responsibilities for participating in the production of all-source Intelligence products pertaining to cyberspace operations and planning activities
- Conducts reviews, identifies gaps, recommends solutions, and ensures alignment with strategies. Supports decision making and special projects on the preparation, production, and coordination of written products and briefings for stakeholders and leadership
- Develops intelligence products and performs expansive cyberspace intelligence analyst duties. Possesses a thorough understanding of intelligence analytic concepts to monitor, assess, and report on cyberspace operations, capabilities, and vulnerabilities
- Enhances stakeholder relationships
- Conduct Open Source cyber threat intelligence research to identify threat actor motivations, capabilities, and intentions
- Provide thoroughly vetted intelligence products on emerging cyber threats, indicators of compromise and trend analysis
- The candidate will work closely with technical cyber threat analysts, intelligence analysts, and Law Enforcement & Counterintelligence (LE/CI) elements to facilitate outbound production of technical products in accordance with collection requirements and will coordinate directorate responses to inbound requests for information (RFIs)
- The candidate will track production metrics on a weekly, monthly, and yearly basis for reporting to directorate and executive leadership responding to external data calls
- On an as needed basis, will also work with contractor and government project leads to develop technical documents that contain both textual analysis and graphics or imagery specifically developed to support analytic conclusions
- A Subject Matter Expert responsible for confidentiality of client information and compliance with department standards and procedures
- Skills in open source data collection (OSINT) and acquisition, such as investigating, researching, and Google hacking
- Candidate must have a strong all-source intelligence or counterintelligence background with 5+ years of experience serving in an analyst or agent role
- Candidate must have a strong analytic writing ability and be able to provide a writing sample demonstrating the ability to produce and edit analytic products
- Strong ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity
- Strong ability to present information and analysis to groups up to 50 persons on a quarterly basis
- Experience analyzing large volumes of logs, network data
Cyber Intel Analyst Job Description
- Daily job responsibilities will cover taking direction from leadership supporting multiple efforts such as SOC operations, incident response, cyber instruction and training, research and development, penetration testing, proposal support and other tasks as delegated by the team lead
- Some travel may be required CONUS and OCONUS depending on assignment
- Assist in establishing Global Security Monitoring discipline to support enterprise
- Review of alerts from Managed Security SOC providers, log correlation, log analysis, determining malicious software behavior, vetting out False Positives, remediating system misconfigurations, tracking system state changes, and other information across multiple systems
- Utilize analytics to identify potential threats to the environment
- Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment
- Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures)
- Analyze and track the cyber threat landscape, including identifying and analyzing cyber threat actors, APT TTPs and/or activities to enhance the cyber security posture of the organization's IT operating environment
- Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management and customer teams for purposes of situational awareness and making threat intelligence actionable
- Provide support to the Security Operations Center during incident response and threat hunting activities that includes cyber threat analysis support, research, recommending relevant remediation and mitigation
- In-depth knowledge of enterprise SIEM platforms
- Hold DoD-8570 IAM Level 1 baseline certification (CISSP or equivalent) with the ability to obtain CND-A certification within 180 days of start date
- Experience analyzing high volumes of logs, network data
- Mobile technology and OS
- Experience with Splunk (preferred) or other SIEM-type platform
- Must work well under pressure, multi-task, be dependable and accountable
Cyber Intel Analyst Job Description
- Developing scripts to support cyber threat detection that output results in a variety of formats, such as VB scripts, Python, C++, HTML, XML or another type most appropriate for the task
- Authors in-depth reports on threats relevant to MSD
- Provides expert analysis on strategic threats, actors, Advanced Persistent Threat groups
- Monitors daily intelligence operations feeds
- Collects raw data from intelligence feeds, open sources, partner groups, and internally-aligned cybersecurity elements as part of an all-source intelligence effort
- Builds, updates, and maintains cyber actor threat profiles
- Tracks malware families relevant to the organization
- Develops and produces written tactical and strategic intelligence reports constructed from analysis of developing cyber events including data from intrusions, malware, DDoS, unauthorized access, insider attacks and loss of proprietary information
- Develop operational artifacts required to support delivery of JIE
- Support the JIE Technical Synchronization Office (JTSO) in identifying gaps and overlaps across existing DODIN Operations and DCO technical capabilities
- In-depth experience with file system and memory forensics
- Experience determining successful/unsuccessful intrusion attempts and compromises through forensic analysis, allowing reconstruction of events at higher and lower levels
- Experience with common cyber attacker methodologies and exploit techniques
- Solid understanding of network protocols and networking concepts
- In-depth experience with timeline analysis to identify relevant intrusion events
- Strong initiative, attention to detail, problem solving and critical thinking skills
Cyber Intel Analyst Job Description
- Assist in the development and refinement of the JIE C2 Construct and the JIE Operational CONOPs
- Develop, integrate, and maintain operational TTPs and SOPs ISO the JIE
- Coordinate and collaborate with JTSO and the USCYBERCOM Command, Control, Communications, Computers & Information Technology (C4IT) Directorate (J6) to ensure seamless integration of services, systems, and networks into existing and future joint DODIN infrastructure
- Assess and recommend network management policies and procedures for implementation in JIE in coordination with JIE partners, stakeholders, and the C4IT Directorate
- Organize, coordinate, and participate in JOSG working groups and other JIE workshop related events
- Coordinate with JIE stakeholders to identify JIE operational requirements
- Develop recommended prioritization and sequencing of JIE operational capability implementation and transition
- Ensure capabilities align with DoD governing policies and meet the intent of the development objective or capability
- Analyze proposed capabilities, recommend COAs, and develop solutions to address areas of concern for shortfalls in JIE implementation
- Develop processes and procedures to implement and ensure JIE operational requirements are met DoD-wide
- Experience with Linux, macOS, and Windows Server
- Mobile iOS and Android acquisition and analysis
- Ability to analyze web applications to discover and validate vulnerabilities, and an understanding of the vulnerability management lifecycle
- Experienced with vulnerability scanning tools such as Retina and Nessus including all of the OWASP TOP 10
- Advanced experience with testing tools such as Burp Suite Pro, AppSpider, Acunetix
- Demonstrated manual testing experience including the OWASP TOP 10