Center for Internet Security

Compensation

Full Description

The Threat Intelligence Analyst is part of the Countering Hybrid Threats department, which resides on the CIS Threat Intelligence team and reports to the Executive Director of Countering Hybrid Threats. As a Threat Intelligence Analyst, you will apply data, cyber, and open-source intelligence (OSINT) techniques to help identify, analyze, and respond to malicious cyber, physical, and information operation activities. Analysis must be effectively communicated in formal assessments to decision makers and stakeholders to drive effective counter measures. Job functions include using open-source and commercial tools to collect and analyze data from various sources, including cyber feeds and collections, social media, news media (including video content), online form content, online chats, and blockchain intelligence platforms. Candidates are expected to understand hybrid threats (cyber, physical, and information operation crossovers) and have expertise in geopolitical tensions, threat actor ideologies, and threat actor tactics, techniques, and procedures (TTPs). Experience using blockchain analysis tools and conducting cryptocurrency investigations is preferred. As a member of the team, you will work in both a classified and unclassified environment, with limited oversight, to integrate threat analysis into operations and intelligence teams. The Threat Intelligence Analysts are tasked with helping to solve complex threat problems, which may involve essential duties and responsibilities that must continue during crisis situations and contingency operations, necessitating extended working hours. What You'll Do: Identify emerging operations and trends based on extensive research into cyber, physical, and information related threat activity to determine pertinent communications, countermeasures, and recommendations for decision makers, with minimal assistance or oversight Use a Threat Intelligence Platform (TIP) to collect, organize, correlate, and analyze cyber threat data from various sources to extract relevant and timely indicators for sharing with members in near real-time Implement data analysis practices to assess trends and patterns of cyber, physical, and information operations networks and aid in determining potential and expected impacts Conduct cyber technical analysis of malicious and suspicious code to understand the nature of the threat and to extract unique attributes for proactive defense Identify, monitor, track, and catalog threat actors, their ideologies, and their tactics by leveraging commercial and open-source intelligence collection tools Leverage blockchain analysis tools to trace cryptocurrency transactions and identify malicious activity Generate briefing material, written products, and simple graphics to convey analysis both verbally and in writing for key stakeholders Coordinate internally and externally with CIS and the Multi-State Information Sharing and Analysis Center (MS-ISAC), as well as supporting partners to provide threat expertise Aid U.S. election officials with responding to and analyzing threat centric incidents On call and after-hours surge support are required Other tasks and responsibilities as assigned What You'll Need: Bachelor’s degree in Intelligence, Cybersecurity, Data Science, International Affairs, or a related field* 2+ years’ experience in an analytical role as a cyber threat intelligence analyst, digital forensics analyst, intelligence analyst, information operations analyst, counterintelligence or terrorism analyst, or similar role Demonstrated practical experience and knowledge of OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, Chainalysis Reactor, social media scraping tools, etc.) Knowledge of the cyber threat landscape and common network architecture and security concepts (e.g., web content filtering, domain reputation policy, signatures, indicators of compromise, host-based analysis systems, email analysis, etc.) Excellent verbal and written communication skills, including the ability to clearly articulate complicated technical matters to a variety of audiences and to adapt to customer personalities Experience in a high-paced investigative environment Must be capable of obtaining and maintaining a Top-Secret National Security clearance The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions** It's a Plus if You Have: Master's degree in related field Formal intelligence analysis training Blockchain analysis experience Basic knowledge with programming/scripting languages (Python, Bash, Perl, C/C++, or JavaScript) and Structured Query Language (SQL) Language proficiencies (e.g., Chinese, Russian, Korean, Arabic, Persian, etc.) Certifications in related areas (e.g., GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc.) *Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree. **Factors that may cause a negative Fitness Review decision include: Criminal Conduct Dishonest Conduct Employment Misconduct Alcohol Abuse Drug Use (illegal drug use or use of a legal drug in a manner that deviates from approved medical direction) Additionally, illegal drug use includes the use of drugs that are illegal for federal purposes despite being legal in select states and countries, such as marijuana. False Statements Financial Issues Have not resided in the US for three (3) of the past five (5) years At CIS, we are committed to providing an inclusive environment in which the diverse backgrounds, experiences, and views of our employees, members, and customers are valued and respected. It is through this commitment that we are able to work together towards our common mission: to make the connected world a safer place. Compensation Range: $40.25 - $70.49 Welcome to our employment section. Here you can view our current job openings and apply for positions online. Can't decide on just one opening? Our online application system allows you to easily apply to additional positions, after creating your profile! CIS takes pride in providing a comprehensive benefits package and supportive work environment. We offer a competitive total rewards package at the Center for Internet Security: Base salary is determined on a number of factors including, but not limited to, education, experience and skills Health (PPO, EPO, HSA), Dental & Vision Insurance eligibility starting from the first day of hire $500 wellness card for Health Coverage Participants 401(k) with 4% Company Match, vested from the first day of hire Flexible Spending Account (FSA) & Dependent Care Account (DCA) Life Insurance Bonding Leave Paid Volunteering Program Bonus eligibility Paid Time Off (PTO) inclusive of vacation, personal and sick time Paid Holidays Wellness Program Employee Engagement Activities Professional Development Opportunities Tuition Reimbursement Student Loan PayDown Program Employee Referral program Employee Assistance Program The Center for Internet Security (CIS) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit responsible for industry-leading best practices for securing IT systems and data. CIS is also a trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities and election offices. CIS has an award-winning reputation for investing in its people (click here to learn more), as well as continuous learning and development. We offer our employees diverse opportunities to expand their impact personally and professionally, in their local communities, and among one another. Core Leadership Principles drive our employees at every level of the organization, empowering them to be leaders in everything they do. We are a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. elections offices.