Job Description

Description:
The selected candidate will serve as a cyber intelligence analyst within the Department of Defense Cyber Crime Center (DC3) Analytical Group. The analyst provides the customer with expertise in Intelligence sources, collection methods and analytic techniques. The analyst collaborates among interagency partners to identify malicious activity and provide analytic support to LE/CI investigations and operations. The analyst performs analysis on existing and emerging advanced persistent threat (APT) organizations, actors, and malware, ideally with a focus on threats originating from the Eurasia area of responsibility (AOR). The analyst should have a strong interest in and integrated understanding of the way varying disciplines interact (CI, net defense, threat hunting, digital , and operational/strategic threat intelligence).

Ideal candidate is an experienced technical cyber intelligence analyst or law enforcement / counterintelligence (LE/CI) analyst or agent, who has applied their mastery of cyber threat intelligence, intelligence analysis techniques, and sources and methods to produce high quality analysis products for the last 5 years.

Only candidates with a current TS/SCI clearance will be considered.

Candidates with CI Poly preferred, but not necessary to start.
Basic Qualifications:
BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.
.Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations
(proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records.
.Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
.Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis
.Strong proficiency hunting APT data using open source or commercial cyber threat analytic tools or data repositories such as VirusTotal, Passive Total, Threat Miner, or Maltego.
.Strong proficiency and recent experience (within last 3 years) performing NETFLOW analysis using common analysis tools (Wireshark, Dshell).
.Candidate must be familiar with sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF).
.Strong ability to correlate data and research using open source repositories (ex. VirusTotal, Domaintools, Threatminer, etc.)
.Strong proficiency Intelligence Analysis report writing a technical writing sample and technical editing test will be required if the candidate has no prior record of published intelligence analysis reporting
.Strong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity.
Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system analysis. Candidate must be able to identify analytic bias.
.Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis.
.Self-starter with the ability to proactively engage and develop
relationships with intrusion set subject matter experts and analyst
counterparts across the US Intelligence and Law Enforcement communities
.An innovative mindset
Desired Skills:
Existing Subject Matter Expert of Advanced Persistent Threat activity.
Proficiency in Russian language.
Familiarity with / experience researching Secure Sockets Layer (SSL) certificates and IP Geolocation.
Formal training as an intelligence analyst in any discipline - graduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC
101, Analysis 101, Army, Navy, Air Force, etc
Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity
Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
Advanced Data Visualization proficiency leveraging COTS/GOTS tools
Technical Skills proficiency: language, encryption technologies/standards Intermediate malware analysis or digital computer experience
Any type of Cyber related Law Enforcement or Counterintelligence experience
Experience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL
Analytic experience in Federal Cyber Center, NSA, or Corporate CIRT Other Important Information You Should Know Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.Schedule for this Position: Non- standard 40 hour work week as assigned by leaderSecurity Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.Clearance Level: Top Secret with an investigation within 5 years Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. Join us at Lockheed Martin, where your mission is ours. Our customers tackle the hardest missions. Those that demand extraordinary amounts of courage, resilience and precision. Theyre dangerous. Critical. Sometimes they even provide an opportunity to change the world and save lives. Those are the missions we care about.

As a leading technology innovation company, Lockheed Martins vast team works with partners around the world to bring proven performance to our customers toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.Experience Level: Experienced ProfessionalBusiness Unit: RMSRelocation Available: NoCareer Area: Cyber Security Intelligence Analyst Type: Task Order/IDIQ Shift: First