By Light Professional IT Services

Cyber Intel Watch Officer (TS/SCI)

ID: 2018-2320
# of Openings: 1
Job Locations: US-MD-Fort Meade
Posted Date: 5/30/2018
Category: Information Technology
Clearance: TS/SCI

Overview

By Light is hiring a Cyber Intel Watch Officer to join our team supporting the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), in the J23 (JDOC). The Cyber Intel Watch Officer will produce and disseminate all-source integrated intelligence analysis to support DoD’s Defensive Cyber Operations.

 

By Light is an IT products and services firm specializing in software development, satellite/terrestrial communications, cyber security, and network engineering/design. Headquartered in Arlington, VA, we provide support worldwide to DOD, Federal Civilian, and Health IT customers.

Responsibilities

  • Support watch officer shift rotations (day/night) as required in a 24X7 work environment.
  • Produce and disseminate all-source integrated intelligence analysis to support DODIN and defensive cyberspace operations (DODIN/DCO-internal Defensive Measures) planning, integration, coordination, and execution. Assist in analyzing ongoing threat-related activities and information targeting the DODIN and develop threat assessments. Make recommendations for JFHQ-DODIN action to protect the DODIN.
  • Review threat intelligence and open-source reports and document their impact to DODIN operations. Provide all-source analytical support to DODIN/DCO to include production of cyber-related intelligence reports and products.
  • Produce special reports and assessments related to specific incidents and trends concerning threats to the DODIN as required.
  • Conduct analysis to identify indications of adversary activity and warn (Indications and Warning) leaders of potential threats, cyber developments, events or conditions that may adversely affect the DODIN; advise leaders in order to proactively confront emerging challenges, leverage opportunities, avoid surprise and produce strategic outcomes favorable to the U.S. or allied interests.
  • Respond to the J2 for threat identification of activity directed against DoD systems.
  • Evaluate international events, all-source and open-source intelligence, and operational information to assist in the assessment of potential impacts to the DODIN and alert the JFHQ-DODIN Staff and Leadership to potential network exploitation or attacks. Using these techniques and taking advantage of web-based research tools, match potential threat candidates with identified activity, produce reports and/or briefs, and make intelligence-derived recommendations to the J2/J3 for the defense of the affected network.
  • Develop and present intelligence briefings and presentations concerning nation-state and non-state actor capabilities and activities, specific actor profiles, and incidents affecting DoD communications networks.
  • Assist the J2 in the management of daily intelligence reports and bulletins and web sites on the classified networks.
  • Maintain communications as directed by the J2, with intelligence representatives at JFHQ-DODIN, Service components, other Combatant Commands, Department of Homeland Security, US CERT, Intelligence Community, Joint Staff J2/JCS, DODIN service providers, and other organizations as designated.

Required Experience/Qualifications

  • Clearance: DoD TS/SCI required
  • 2+ years performing cyber threat intelligence analysis.
  • Intelligence all-source analysis; Defense Intelligence Analysis Program; intelligence writing and briefing at a senior level is a must.
  • Ability to place threats in the proper context and identify the “so what” for decision makers; ability to communicate technical information to non-technical audiences.
  • Ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask “why”, defend your analysis, and apply attribution to cyber threat activity.
  • Basic technical understanding in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types).
  • Familiar with the DoD, Intelligence Community, and private sector cyber community.

Preferred Experience/Qualifications

  • Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity. Advanced Data Visualization proficiency leveraging COTS/GOTS tools. Technical Skills proficiency: encryption technologies/standards. Cyber security with cloud technologies, Wireless, IoT, etc.
  • Experience with joint and combined military exercises. Analyst experience in any Federal Cyber Center (NCTOC, IC-SCC, Cyber Command, CNMF, CPT, JFHQ-Cyber, NCIJTF, DHS US CERT) or Corporate CIRT. Any type of cyber-related law enforcement or counterintelligence experience.
  • Experience performing NETFLOW or PCAP analysis using analysis tools (Wireshark, SourceFire, etc). Experience using ArcSight, FireEye, or other SIEM tools.
  • Security certifications (one or more): Security+, CEH, GIAC, GCIH, etc.

Special Requirements/Security Clearance

  • Clearance: Active DOD TS/SCI
  • This position is a shift work position and could require you to work day shift, afternoons, or overnight, as well as weekends and holidays.

 

An Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
