Threat Intelligence Analyst III
MQ Prime is a Virginia-based small business with experts in the world of Cyber Engineering and Software Development. Built on decades of expertise, we support Commercial and Government clients, providing development, design and implementation of cutting-edge solutions. Our personnel maintain support for cyber solutions throughout all of the Government and continue to develop capabilities to fill operational gaps.
MQ Prime offers a salary and benefits package that surpasses industry standards while also providing a varied and expanding portfolio of programs at multiple classification levels to enable employee growth. We want you to grow as we do. Come join us!
The Threat Intelligence Analyst III reviews and assesses raw NetFlow data and identifies any malicious cyber activity directed towards any agency customer entity or partnered organizations.
Principal Responsibilities:
- Process and enrich information to ensure timely, actionable, high-confidence IoCs are ingested and shared with key stakeholders
- Aid and guide Cyber Analysts in threat hunting as well as counterintelligence operations
- Perform cyber intelligence analysis and develop raw intelligence products derived from intelligence reporting, open-source data, and information housed in a custom, classified system based on a proprietary configuration to support investigations, operations, and intelligence production
- Understand advanced cyber threats, threat vectors, and attack methodologies and how they tie into the Cyber Kill Chain or ATT&CK Framework and Diamond Model
- Report on underlying patterns of behavior by conducting detailed analysis of incidents, threats, and risks; associated impacts, consequences, and vulnerabilities; tactics, techniques, and procedures (TTP); and other malicious and non-malicious indicators
- Analyze network and host activity in successful and unsuccessful intrusions by advanced attackers
- Provide HBSS support for the implementation, testing, integration, interoperability, and sustainment of information technologies comprising the SOC environment, encompassing multiple customer multilevel domains
- Experience managing, deploying, and troubleshooting HBSS clients and configuring, operating, and maintaining mandated HBSS components for Windows, Solaris, and Linux systems
- Senior role with extensive experience in all aspects of identifying threats to information systems and producing quality intelligence reporting
- Supervises and mentors subordinate project staff
- Collaborate and work with other Threat Intelligence Analyst IIIs
Minimum Requirements:
- Bachelor’s degree and minimum 9 years of position-relevant experience
- Extensive experience in all aspects of identifying threats to information systems and producing quality intelligence reporting
- Experience managing, deploying, and troubleshooting HBSS clients and configuring, operating, and maintaining mandated HBSS components for Windows, Solaris, and Linux systems
- Experience utilizing managed attribution accounts; can identify intelligence gaps, specify collection requirements to fill gaps, and develop analytical tools and methodologies to cope with the gaps; technical understanding in some of the following areas: network communication using TCP/IP protocols, basic understanding of malware (malware communication installation or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection); can identify/prioritize relevant collection requirements/gaps in response to supply chain threats to the federal agency customers and key stakeholders
- Willing to work on-site in Ft. Meade, MD
- TS/SCI with CI Poly
Preferred Qualifications:
- DoD 8570.01-M IAT Level III or CSSP-SPM
- Proficient with federal agency analytical writing tradecraft
- Industry standard certifications such as CEH Certification, Security+ CE, or GIAC Cyber Threat Intelligence (GCTI)
- Experience in Publicly Available Information (PAI) analysis
- Experience with general academic databases and scientific journals and repositories