Cyber Fusion Analyst (TS/SCI Required) with Security Clearance

---

Job description

Position: Cyber Fusion Watch Officer (DNEA or TDNA) Location: Fort Meade, MD Shifts: Team 1: 0500 - 1500/Monday - Thursday (Not usually available)
Team 2: 1300 - 2300/Monday - Thursday
Team 3: 2100 - 0700/Monday - Thursday
Team 4: 0420 - 1730/Friday - Sunday
Team 5: 1620 - 0530/Friday - Sunday
Overview: We are seeking a qualified individual to fulfill the role of Cyber Fusion Watch Officer at our Fort Meade, MD location. The position involves providing support to the Joint Force Headquarters-DoD Information Network (JFHQ-DODIN), contributing to network operations, and defensive cyber operations for the United States Cyber Command in alignment with DoD objectives. Key Responsibilities: Utilize diverse network monitoring tools to detect and analyze cyber adversary activities, employing methods such as netflow, custom application protocol logging, signature-based IDS, and full packet capture (PCAP) data.
Contribute to the development of Cyber Fusion standard operating procedures (SOPs) and framework based on industry best practices, Department of Defense instructions, and guidance.
Identify and assess threats to the enterprise, recommending mitigation strategies to enhance security and minimize the attack surface.
Conduct analysis using serialized threat reporting, intelligence sharing, OSINT, and open-source vulnerability information to develop prioritized plans.
Analyze and document malicious cyber actors' Tactics, Techniques, and Procedures (TTPs), aligning recommendations with vulnerabilities and their applicability to the operational environment.
Investigate and analyze system compromises, providing written analytic summaries and visualizations of attack life cycles.
Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities.
Collect and analyze metrics and trending data, offering situational awareness on key trends.
Guide the use of OSINT techniques in investigatory requirements.
Perform quality assurance on SIGACTs, ensuring compliance with policies and capturing all necessary information before closure.
Required Qualifications: Active DoD TS/SCI Clearance and eligibility for polygraph.
DoDD 8570 IAT Level II Certification (SEC+, CySA, GICSD, etc.).
Bachelor's degree in a related discipline and 8-12 years of relevant experience; additional experience may be accepted in lieu of a degree.
Experience working with members of the Intelligence Community and understanding of Intelligence processes.
In-depth knowledge of network and application protocols, cyber vulnerabilities, exploitation techniques, and cyber threat/adversary methodologies.
Proficiency with analysis tools and protocols (e.g. Splunk, CMRS, VDP, passive DNS, Virus Total, TCP/IP, OSI, WHOIS, enumeration, threat indicators, malware analysis results, Wireshark, Arcsight, etc.).
Experience with Intelligence Community repositories (Pulse, TESTFLIGHT, etc.).
Experience with various open-source and commercial vendor portals, services, and platforms related to threat identification or combat.
Preferred Qualifications: Experience with the DODIN and other DoD Networks.
Familiarity with DoD portals and tools (RAMs, IKE, JCC2, etc.).
Experience with proprietary OS Intelligence Sources (Mandiant, Recorded Future, Shodan, etc.).
Proficient in building extended cybersecurity analytics (Trends, Dashboards, etc.).
Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
Experience in intelligence-driven defense and/or Cyber Kill Chain methodology.
IAT Level III or IAM Level II+III Certifications.
Salary Range: $120,000 - $160,000 per annum

<!– job description page –>