Senior Cybersecurity Analyst - CTI

ECS is seeking a Cybersecurity Analyst (Senior) to work in our Huntsville, AL office. Please note: This position is contingent upon contract award.

ECS is seeking a qualified Cybersecurity Analyst (Senior) to support cybersecurity operations for the Federal Bureau of Investigation. You will provide leadership and cyber support for the Cyber Threat Intelligence (CTI) Team, playing a crucial role in the FBI's cybersecurity defense strategy.

The CTI Team is Responsible for monitoring and analyzing external cyber threat data to provide insights and actionable intelligence about potential cyber threats. They shall triage information collected from different threat intelligence sources, including internal sources, and study the pattern of attacks, their methodology, motive, severity, and threat landscape applicable to FBI systems. They shall support enhancing the overall cybersecurity posture of an organization by delivering timely, relevant, information to stakeholders.

As a CTI Analyst, you will be to contribute to our CTI operations by supporting the development and implementation of strategies to identify, analyze, and mitigate cyber threats. You will be involved in generating actionable intelligence that aids our customers in preemptively addressing and responding to cyber incidents. In this role, you will enhance our threat intelligence capabilities through the application of advanced technologies and methodologies, ensuring that our defenses remain robust against adversaries. This position is suited for individuals with a solid understanding of the cyber threat landscape, a keen interest in innovation, and a dedication to achieving excellence in cybersecurity defense.

• Contribute to the development and implementation of advanced threat intelligence strategies to identify and counteract evolving cyber threats.
• Analyze and interpret intelligence data to provide actionable insights and recommendations, ensuring our customers can effectively mitigate risks.
• Manage and optimize our threat intelligence platform to ensure timely and efficient collection, analysis, and dissemination of threat data.
• Produce comprehensive finished intelligence reports and advisories, detailing threat analysis, forecasts, and actionable recommendations for customers.
• Conduct dark web monitoring and analysis to uncover emerging threats, vulnerabilities, and criminal activities potentially impacting our customers.
• Leverage threat intelligence frameworks such as ATT&CK, F3EAD, the Cyber Kill Chain, and the CTI Lifecycle to identify threats and present proactive measures for risk reduction.
• Provide intelligence briefings and consultations for customers, offering expert insights into threat landscapes, potential impacts, and mitigation strategies.
• Collaborate with cross-functional teams to enhance our cybersecurity program, incorporating cutting-edge technologies and best practices in threat intelligence.
• Mentor and guide a team of threat intelligence analysts, fostering a culture of continuous learning and improvement.
• Engage with customers to communicate threat findings and strategies, ensuring a cohesive and proactive approach to cybersecurity defense.
• Demonstrate advanced proficiency in using threat intelligence platforms and tools for effective data aggregation and analysis.

• Must have a current Top-Secret Clearance with the capability of obtaining SCI / CI-Poly if needed to meet contract requirements
• Expert experience with Splunk Enterprise Security
• SOC Watch Floor Management experience
• Must currently live within commuting distance to Huntsville, AL or be willing to relocate.
• Ability to work independently and as part of a team.
• Deep understanding of network security, endpoint security, and cloud security principles.
• Strong knowledge of cyber threat groups, including their capabilities and motivations.
• Practical experience using the ATT&CK, Cyber Kill Chain, and/or the CTI Lifecyle to operationalize CTI.
• Proficiency in using and managing TIPs for gathering, analyzing, and disseminating threat intelligence.
• Ability to analyze and interpret data to identify potential threats, vulnerabilities, and indicators of compromise (IOCs).
• Must possess exceptional verbal and written communication skills. Proficiency in producing clear, detailed intelligence reports for technical and non-technical audiences. Ability to deliver compelling presentations and briefings to stakeholders, including non-technical audiences.
• Strong collaborative skills to work effectively with cross-functional teams and stakeholders.
• Possess DOD 8570 compliant certification, such as Security+.