Cyber Outreach/Threat Intelligence Analyst

Position description

The Maryland Coordination and Analysis Center’s Critical Infrastructure Protection Branch (CIP) manages the state-wide cyber outreach/threat intelligence effort and is the primary interface for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) Cyber Protective Security Advisor. The Cyber Outreach/Threat Intelligence Analyst develops and maintains a high-level understanding of cyber threats and vulnerabilities by identifying, collecting, and analyzing data. This position correlates threat intelligence from various sources to produce assessments, bulletins, and specialized reports. This position communicates with the stakeholders including public sector, private sector, and others regarding standing information needs and information sharing. The Analyst must be able to work independently and jointly with government and private sector partners.

 

 

Responsibilities:
 

Analytical Activities

• Monitor and assess cyber threat trends across all critical infrastructure sectors, with priority given to lifeline sectors.

• Identify and analyze threat intelligence from secured and open source information to produce assessments, bulletins, and specialized reports including threat actor profiles, TTP analysis, and threat forecasting.

• Produce assessments, bulletins, and specialized reports to assist homeland and national security, government, and private sector customers in supporting the security and protection of Critical Infrastructure and Key Resources (CIKR).

 

Liaison/Outreach Activities

• Develop and maintain relationships and liaison with homeland and national security partners, government and private sector customers as related to ensuring cyber resiliency of CIKR in Maryland and the National Capital Region (NCR).

• Develop and maintain collaboration with state partners like the Maryland Department of Information Technology (MDoIT), Maryland Information Sharing and Analysis Center (MD-ISAC), and Maryland Department of Emergency Management (MDEM) across the spectrum of protection and mitigation segments as they pertain to cybersecurity in the state of Maryland.

• Develop and deepen collaboration with industry and security associations like the MS-ISAC through information-sharing and involvement in training and awareness activities. 

 

Continuing Education, Training, and Conferences

• Attend continuing education/training opportunities supporting maintenance and advancement of analytical tradecraft and technical skills and knowledge. 

• Remain current with all necessary intelligence analysis systems and procedures. 

• Attend, participate in, and/or lead conferences related to cybersecurity

 

Other duties as assigned

• Assist the CIP branch with outreach and training events to further the mission and contribute to developing a network of contacts at the fusion center.

• Assist in the development of mission priorities and research parameters

• Staff appropriate command posts and emergency operations centers during special events and critical incidents to provide a liaison between the MCAC and other agencies.

 

Required Education: Bachelor’s degree in information systems, security studies, international relations, computer science, cybersecurity, or closely related field.

 

Required Experience: Two years as a cyber threat intelligence analyst or related role.

 

Preferred Education: Master’s degree (MA/MS/MPS) in cybersecurity, information systems, intelligence, security studies, or closely related field.

 

Preferred Experience: 5+ years as a cyber threat intelligence analyst or related role.

 

Required Knowledge, Skills, and Abilities

• Knowledge of Advanced Persistent Threats (APTs) and associated tactics, techniques, and procedures (TTPs).

• Knowledge of analytical models for threat intelligence – e.g., Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK, and the Diamond Model

• Knowledge of the different types of threat intelligence

• Familiarity with threat intelligence platforms (TIPs) – e.g., X-Force Exchange, VirusTotal, and Level Blue Labs OTX

• Familiarity with threat intelligence tools – e.g., SHODAN and Domain Tools

• Knowledge of the Intelligence Cycle

• Experience working with Microsoft Office products including Word, Excel, PowerPoint, and Publisher

• Ability to communicate effectively orally and in writing to a wide range and number of audiences

• Ability to work extended hours as necessary

• Ability to prepare graphs, charts, tables, maps, and other illustrative devices from collected data or visual presentations

Application instructions

Please be sure to indicate you saw this position on tendersglobal.net