Cyber Threat Intelligence (CTI) Analyst

ECS is seeking a Cyber Threat Intelligence (CTI) Analyst to work in our Windsor Mill, MD office.

Iron Vine Security, a company of ECS Federal, is a rapidly growing information security and information technology company in Fairfax, VA. We are looking to hire a CTI Analyst to provide a full range of cyber security services on a long-term contract in Baltimore, MD. The position is full-time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Position Responsibilities:

• Perform IR requirements in support of SOC generated tickets for CTI support.
• Perform technical analysis in response to the operational tickets and other ticketing systems
• Generate analytical products and reports in response to the tickets.
• Generate supporting documents such as a link analysis or timeline analysis for visual representation as needed
• Track indicators identified during analysis by entering data in the tracking tool
• Coordinate findings and/or submit inquiries as needed
• Provide technical guidance and support the customer requested tasks

CTI team conducts OSINT research on a daily basis, and the role requires daily monitoring of OSINT threats to CMS and the healthcare sector.  The activities involve identifying actionable intelligence for CMS security teams; Ad hoc requirements for CMS leadership and identifying trends in the healthcare sector.

Due to the nature of the CTI mission, communications beyond CMS and HHS departments are often required to coordinate either analytical findings or to submit an RFI.

• CTI analyst will coordinate with assigned GTLs and other fed functional areas to coordinate and collaborate information of significance
• CTI analyst will work with cross-functional teams to better integrate findings and create a more robust CTI program

Salary Range: $83,000 - $100,000 

General Description of Benefits

• Able to work independently
• Strong interpersonal and communications skills
• Must be able to work with professionals of varying sectors and skills and technical knowledge
• Working knowledge in the cleared community
• 2 years+ of experience in cyber intelligence and/or investigations background:
  • Cyber threat intelligence analysis and workflow (Intelligence Cycle)
  • Technical report writing
  • Investigative or analytical report writing
  • Technical knowledge in methods and procedures for network exploitation and mitigation
• Able to distinguish different types of exploitation methods
• Able to understand the different methods of network communication
• Demonstrate knowledge in the TCP/IP and OSI model and apply the concept to analysis of log files and metadata such as pcap, netflow data and email metadata
• Application of critical thinking in conducting analysis
• Working knowledge in threat actor/indicators research and analysis
• Experience and confidence in briefing
• Working knowledge in information handling and information sharing
• Experience in handling sensitive and/or classified data as needed
• Experience in conducting research in classified environment
• Experience with threat-modeling and assessing risk to the environment
• Technical knowledge of exploitation techniques, tactics, and procedures
• Team player with a positive attitude
• Experience in aggregating data and writing periodic trend reports
• Clearances Required: Top Secret