CI Cyber Threat Analyst

Job description

**Req ID:** RQ206536
**Type of Requisition:** Regular
**Clearance Level Must Be Able to Obtain:** Top Secret/SCI
**Public Trust/Other Required:** None
**Job Family:** Cyber and IT Risk Management
**Skills:**
Cybersecurity Operations,Cyber Threat Analysis,Security Operations,Threat Analysis
**Experience:**
10 + years of related experience
**US Citizenship Required:**
Yes

**Job Description:**

Seize your opportunity to make a personal impact as a CI Cyber Threat Analyst supporting our intelligence customer.

GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiator.

As CI Cyber Threat Analyst, you will help ensure today is safe and tomorrow is smarter.

Our work depends on a TS/SCI level cleared CI Cyber Threat Analyst joining our team to support our customer.

**Duties & Responsibilities:**

+ Produce weekly actionable Technical CI (Cyber/TSCM/TEMPEST) threat reports in collaboration with teammates, the customers partners and intelligence community peers, as necessary.

Provide relevant input for the CI Cyber Branch to create 36 weekly threat reports, each report due NLT 0800 each Monday morning.

Threats reports will include (as applicable):
+ Threat data collected and reported by the customers Technical CI team and network security personnel.
+ Intelligence reported by the Intelligence Community.
+ Fusion of all source threat analysis derived from multiple intelligence sources (INTS).
+ Imagery when available.
+ Information that can be used to inform security decisions.
+ Produce monthly Technical CI threat reports in collaboration with teammates, the customers partners and Intelligence Community peers as necessary.

Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month.

Threat reports should include:
+ Compilation of data collected and reported in weekly products.
+ Intelligence reported by the Intelligence Community.
+ Fused All Source threat analysis derived from multiple INTs.
+ Imagery when available.
+ Depiction of Technical CI threat (s) to inform security decision makers.
+ Produce quarterly Technical CI threat reports in collaboration with teammates, the customers partners and Intelligence Community peers as necessary.

Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July.

Threat reports should include:
+ Compilation of data collected and reported in weekly and monthly products.
+ Intelligence reported by the Intelligence Community.
+ Fused all source threat analysis derived from multiple INTs.
+ Include imagery when available.
+ Depiction of Technical CI threat (s) to the customer to inform security decisions.
+ Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, customer partners and Intelligence Community peers as necessary.

The annual Cyber Threat Assessment is due NLT 1 December.

Threat studies should include:
+ Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products.
+ Raw and finished Intelligence reported by the Intelligence Community.
+ Fused all source threat analysis derived from multiple INTs.
+ Include imagery when available.
+ Analytic judgments, intelligence gaps, and overall technical threat(s) to the customer.
+ Produce CI Information Reports and IIRs from data collected and reported by either the Technical CI team or the cyber security personnel.

Provide a minimum of 6 Reports of Inquiry and/or Requests for Information within Fiscal year.

Effective IIR writing requires:
+ Coordination with teammates and stakeholders to ensure accuracy of reported information.
+ Cross referencing local information reporting with Intelligence Community reporting.
+ Clear and concise writing to briefly convey threat.
+ Responsiveness to Intelligence Community priority collections requirements.
+ Timeliness.
+ Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE or Criss Cross).
+ Provide Technical CI advice and expertise in support of CI inquiries, operations and issues.
+ Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners.
+ Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers.
+ Provide high-quality, appropriate and objective conclusions from information in a timely manner.
+ Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages.
+ Provide current subject matter expertise on Technical CI issues, threats and trends.

(For example: Cyber threats and Technical Surveillance threats.)
+ Self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards.
+ Have proficiency in use of bottom-line-up-front (BLUF) writing.
+ Collaborate well internally and externally with IC/Cyber community members.
+ Coordinate CI Cyber activities originating from Enterprise Incident Response Events.
+ Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other customer Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission.
+ Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures.

**Skills and Experience:**

Required **:**

+ 11+ years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations.
+ Meet minimum training requirements, within one calendar year of assignment, for access to DoD networks in accordance with DoDM 8140.03, by attaining and maintaining at least baseline certification for DoDM 8140.03 Information Assurance Technician Level II compliance.

Desired:

+ Be a credentialed graduate of an accredited federal or DoD CI training academy.
+ Bachelor’s degree in Science, Technology, Engineering or Mathematics disciplines.
+ Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines.
+ Possess knowledge and understanding of foreign adversaries’ security and intelligence services, terrorist organizations, and threats posed to US Gov.
+ Experience translating Government vision into understandable and achievable measures.
+ Experience in using supervisory skills to coach teammates to achieve objectives
+ Monitor and track progress towards achievable measures.

**Location** : Customer Site

**Clearance** : Active TS/SCI with ability to obtain CI Poly

US Citizenship Required

The likely salary range for this position is $161,158 - $186,300.

This is not, however, a guarantee of compensation or salary.

Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.

To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.

To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.

We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT.

A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community.

Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation.

We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development.

Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Required Skill Profession

Other General