Cyber Threat Intelligence Analyst

Cyber Threat Intelligence Analyst | Security Operations Center (SOC)**Active Top Secret clearance required**We are seeking an experienced Cyber Threat Intelligence Analyst to join our Security Operations Center (SOC) team. This role supports analysis and research on the latest advanced cyber threats to provide actionable threat intelligence, including adversary indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), behaviors, and trends to help defend the client agency.Key Responsibilities:Conduct analysis to profile threat actor TTPs used to infiltrate networks, systems, and assets; produce threat actor cards, profiles, and threat briefsReport on current and emerging threats that exploit vulnerabilities and provide detailed vulnerability assessments to stakeholdersCollect, analyze, and correlate cyber threat intelligence from open-source, commercial, and government sourcesMonitor open-source intelligence, industry reports, and internal security logs to gather threat information; synthesize and disseminate critical insights to relevant stakeholdersConduct tactical, operational, and strategic threat analysis in support of ongoing monitoring and investigations; identify patterns and attribute attacks to specific actorsTrack threat actors, phishing campaigns, malware, and TTPs relevant to the agency's mission and technology footprintProduce actionable reports, briefings, and IOCs for internal stakeholdersSupport development of new detection rules and analytics based on evolving threatsRequired Qualifications:10+ years of experience in cybersecurity threat intelligence, intelligence analysis, threat analysis, or related cybersecurity roleProven experience as a cyber threat analyst collaborating with multiple internal and external stakeholders to gather data, analyze intelligence, create joint reports, and share findings with relevant entitiesAbility to prioritize and manage multiple events/initiatives simultaneouslyExperience using MISP Threat Intelligence Platform or similar intelligence platformsFamiliarity with CNE and CNA tools and tradecraft, along with signatures, tactics, techniques, and procedures associated with preparation for and execution of such attacksKnowledge of cyber threats, open-source research, nation-state actors, current vulnerabilities, and cyber attacksBachelor's degree (or 4 years of additional experience in lieu of degree)Active Top Secret clearancePreferred Qualifications:Experience working in a SOC or cyber operations environmentExperience with Splunk (writing/understanding queries and evaluating telemetry logs)Ability to write and deliver succinct briefings, presentations, and reports conveying analysis, threat trends, threat actor profiles, indicator bulletins, vulnerability details, and defensive strategies to varied audiencesKnowledge of current and emerging cyber adversaries and their TTPsKnowledge of threat modeling and adversary tactics/techniques frameworks such as MITRE ATT&CK, Cyber Kill Chain, STRIDE, PASTA, etc.Familiarity with Confluence and JiraFamiliarity with ServiceNow or similar ticketing systemsCurrent certification: CISSP, GCTI, GCIA, GCIH, CEH, CTIA, or equivalent