Cyber Intelligence Threat Analyst

Responsibilities

Peraton is currently seeking an experienced Cyber Intelligence Threat Analyst to join our team in support of the U.S. Army Europe Regional Cyber Center (RCC-E).

 

Location: Wiesbaden, Germany.

 

In this role, you will be: 

• Working as an expert, conduct research and evaluate audit data with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to networked weapons platforms and US DoD information networks.
• Analyze host and network events to determine the impact on current operations. 
• Conduct research to determine advisory capability and develop analytics based on indicators of compromise to leverage the SIEM.
• Execute hunt missions for various threat actors to determine the risk to the DoD information network and recommend mitigations to reduce the attack surface.
• Prepare assessments and cyber threat reports of current events based on the research and analysis of classified and open-source information.
• Correlate threat data from various sources.
• Develop and maintain analytical procedures to meet changing requirements and ensure maximum operations.
• Produce high-quality papers, presentations, recommendations, and findings for senior U.S. government intelligence and network operations officials.

 

 

 

Qualifications

Required: 

• Minimum of 5 years experience in Cyber Systems Engineering with a Bachelor’s degree in a STEM field or Business Administration; an additional 4 years of experience in lieu of degree may be considered.
• Must be able to qualify for technical expert status accreditation (TESA) by having a bachelor's degree in a STEM field or Business Administration plus 3 years of specialized experience OR an associate’s degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience.
• Active DoD Approved 8140 Certification (DCWF: 541 - S. or CISA, CISM, GCIH, GSNA, CFR, Cloud+, CYSA+, GCED, GICSP, PenTest+) and (8140 Residential within 90 days of acceptance - GNFA, GCTI, GDSA, GCDA, GCIH, GREM, DCITA CIRC, FIWE, Offensive Security OSDA).
• U.S. citizenship required.
• An Active DoD Top Secret (ICD 706 eligibility) security clearance.

Additional requirements include:  

• Must have a full, complete, and in-depth understanding of all aspects of Defensive Cyber Operations.
• Must be fluent in all aspects of government and corporate communications media to include all MS Office products and common task ticketing systems.
• Must have a good breadth of knowledge of common ports and protocols of system and network services.
• Must have the demonstrated ability to communicate with a variety of stakeholders in a variety of formats.
• Proven experience working with Security Information and Event Management (SIEM) tools to create analytics and detect patterns or anomalies.
• Strong understanding of adversary tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK framework.
• Demonstrated ability to analyze complex software systems, identifying functionality, intent, and potential vulnerabilities.
• Knowledge of network protocols, operating systems, and cybersecurity principles.
• Experience conducting cyber threat research and presenting findings to technical and non-technical stakeholders.
• Ability to resolve advanced malware and intrusion issues and design effective countermeasures.
• Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations.
• Experience with intrusion detection systems such as Snort, Suricata, and Zeek.
• Strong written and verbal communication skills for preparing technical reports and delivering briefings to leadership and stakeholders.
• Assist all sections of the Cyber Security Service Provider Division as required in performing Analysis and other duties as assigned.

 

Preferred Qualifications: 

• Experience with the Elastic SIEM.
• Experience in packet captures and analyzing a network packet.
• Experience with intrusion detection systems such as Snort, Suricata, and Zeek.
• Experience with SIEM systems such as Splunk, ArcSight, or Elastic.
• Experience with Microsoft Windows event IDs.
• Experience with Linux audit log analysis.
• Familiarity with Git and VScode.
• Experience with one or more scripting languages such as PowerShell, Bash, Python.
• Self-starter with excellent judgment, capable of independent decision making.

 

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.