By Light Professional IT Services

  • Cyber Intel Watch Officer (TS/SCI)

    Job Locations US-MD-Fort Meade
    Posted Date 2 weeks ago(2 weeks ago)
    ID
    2018-2393
    # of Openings
    3
    Category
    Information Technology
    Clearance
    TS/SCI
  • Overview

    By Light is hiring a Cyber Intel Watch Officer to join our team supporting the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), in the J23 (JDOC). The Cyber Intel Watch Officer will produce and disseminate all-source integrated intelligence analysis to support DoD’s Defensive Cyber Operations.

     

    By Light provides a broad range of hardware, software, engineering, and IT integration services. Headquartered in Arlington, VA, we support defense, civilian, commercial, and health IT customers worldwide. We offer an excellent benefits package that includes: medical, dental, vision, life and disability insurance, paid time off, paid holidays, 401(k), and profit sharing.

    Responsibilities

    • Support watch officer shift rotations (day/night) as required in a 24X7 work environment.
    • Produce and disseminate all-source integrated intelligence analysis to support DODIN and defensive cyberspace operations (DODIN/DCO-internal Defensive Measures) planning, integration, coordination, and execution. Assist in analyzing ongoing threat related activities and information targeting the DODIN and develop threat assessments.  Make recommendations for JFHQ-DODIN action to protect the DODIN.
    • Review threat intelligence and open source reports and document their impact to DODIN operations.  Provide all-source analytical support to DODIN/DCO to include production of cyber related Intelligence reports and products.
    • Produce special reports and assessments related to specific incidents and trends concerning threats to the DODIN as required.
    • Conduct analysis to identify indications of adversary activity and warn (Indications and Warning) leaders of potential threats, cyber developments, events or conditions that may adversely affect the DODIN; advise leaders in order to proactively confront emerging challenges, leverage opportunities, avoid surprise and produce strategic outcomes favorable to the U.S. or allied interests.
    • Respond to the J2 for threat identification of activity directed against DoD systems.
    • Evaluate international events, all-source and open-source intelligence, and operational information to assist in the assessment of potential impacts to the DODIN and alert the JFHQ-DODIN Staff and Leadership to potential network exploitation or attacks. Using these techniques and taking advantage of web-based research tools, match potential threat candidates with identified activity, produce reports and/or briefs, and make intelligence-derived recommendations to the J2/J3 for the defense of the affected network.
    • Develop and present intelligence briefings and presentations concerning nation-state and non-state actor capabilities and activities, specific actor profiles, and incidents affecting DoD communications networks.
    • Assist the J2 in the management of daily intelligence reports and bulletins and web sites on the classified networks.
    • Maintain communications as directed by the J2, with intelligence representatives at JFHQ-DODIN, Service components, other Combatant Commands, Department of Homeland Security, US CERT, Intelligence Community, Joint Staff J2/JCS, DODIN service providers, and other organizations as designated.

    Required Experience/Qualifications

    • Clearance: DoD TS/SCI required
    • 2+ years performing cyber threat intelligence analysis.
    • Intelligence all-source analysis; Defense Intelligence Analysis Program; intelligence writing and briefing at a senior level is a must.
    • Ability to place threats in the proper context and identify the “so what” for decision makers; ability to communicate technical information to non-technical audiences.
    • Ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask “why”, defend your analysis, and apply attribution to cyber threat activity.
    • Basic technical understanding in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types). 

    • Familiar with the DoD, Intelligence Community, and private sector cyber community.

    Preferred Experience/Qualifications

    • Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity. Advanced Data Visualization proficiency leveraging COTS/GOTS tools. Technical Skills proficiency: encryption technologies/standards. Cyber security with cloud technologies, Wireless, IoT, etc.
    • Experience with joint and combined military exercises. Analyst experience in any Federal Cyber Center (NCTOC, IC-SCC, Cyber Command, CNMF, CPT, JFHQ-Cyber, NCIJTF, DHS US CERT) or Corporate CIRT. Any type of cyber related law enforcement or counterintelligence experience.
    • Experience performing NETFLOW or PCAP analysis using analysis tools (Wireshark, SourceFire, etc). Experience using ArcSight, FireEye, or other SIEM tools.
    • Security certifications (one or more): Security+, CEH, GIAC, GCIH, etc.

    Special Requirements/Security Clearance

    • Clearance: Active DOD TS/SCI
    • This position is a shift work position and could require you to work day shift, afternoons, or overnight, as well as weekends and holidays.

     

    An Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

    #CJ

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed