Job Description
ROLES AND RESPONSIBILITIES
The Cyber Threat Intelligence Analyst will provide analysis on identifying trends, patterns, and emerging cyber risks and threats, and provide senior leaders in local, state, federal, and private sector organizations with both strategic and tactical cyber-related intelligence that furthers their critical understanding of the cyber threat environment. Responsibilities will include strategic intelligence analysis to provide an overall picture of the intent and capabilities of malicious cyber actors, as well as the tools, tactics, techniques, and procedures (TTPs) that malicious actors may utilize. Responsibilities will also include tactical analysis of cyber indicators, to include, but not limited to, Internet Protocol (IP) addresses, domains, hashes, and log files. Tactical intelligence will be provided in support of law enforcement investigations, and to inform cybersecurity decision-making and planning efforts throughout the Metro Boston Region. The Cyber Threat Intelligence Analyst will be required to:
Provide actionable strategic intelligence to partners regarding new cyber trends and patterns, TTPs, tools, or actors
Produce daily, monthly, and/or ad-hoc, actionable intelligence products on emerging cyber incidents, risks, threats, events, or trends, in accordance with intelligence community standards
Perform analysis of raw, primary, and secondary data derived from various sources
Gather, analyze, and categorize strategic and tactical cyber threat indicators
Produce reports and briefs identifying significant or suspicious cyber-related events
Coordinate with appropriate personnel, organizations, and units, including but not limited to Federal, State and Local Police Computer Crimes Units; city and state Chief Information Security Officers; state and/or local Information Technology departments; FBI; Department of Homeland Security Office of Intelligence and Analysis and Cybersecurity and Infrastructure Security Agency; the U.S. Secret Service; the owners and operators of Critical Infrastructure; the Multi-State Information Sharing and Analysis Center; and other Information Sharing and Analysis Organizations.
Create cyber-related assessments and provide actionable recommendations regarding cybersecurity measures for partner entities
Work alongside federal, state, and local agencies in addressing threats posed by terrorists, nation-states, and other cyber criminals conducting cyber attacks
Work with other Fusion Center staff to ensure that developments in cyber, computer, network security, and law enforcement investigative capabilities are analyzed and shared during non-cyber focused intelligence production
Monitor a variety of classified, sensitive, partner, and open source reporting for cyber information relevant to partners and/or the Fusion Center domain
Serve on cyber working groups and Incident Response Teams, as appropriate
REQUIRED QUALIFICATIONS
Education: High School Diploma / GED Minimum
Relevant Experience: Eleven (11) years’ experience with a high school diploma / GED or six (6) years’ experience with a bachelor’s degree or four (4) years’ experience with a master’s degree
Candidates are required to pass a background check, to include a drug test, with the Boston Police Department as a condition of employment and must be able to obtain and maintain a national security clearance at the Top Secret level.
DESIRED SKILLS & KNOWLEDGE
At least two (2) years of experience as an Intelligence Analyst within a local, state, or federal law enforcement agency and/or state/major urban area fusion center and/or U.S. Military
Master's degree in intelligence analysis, computer science, information technology, information assurance, or a related field
Experience writing intelligence assessments for intelligence community or law enforcement consumers
Basic knowledge of Operating Systems to include Windows, LINUX, UNIX, Mac OS, iOS, and Android
Working knowledge of various security methodologies, processes, and hardware; including firewalls, intrusion detection systems, and intrusion prevention systems, as well as computer communication networks, protocols, and analysis (e.g. TCP/IP)
Knowledge of cybercrime TTPs to include: website defacements, cross-site scripting (XSS), Structured Query Language (SQL) injection (SQLi) attacks, denial of service (DoS) attacks
Basic knowledge of various computer forensic methodologies and related tools to include FTK and Helix
Knowledge and experience with methodologies such as indicator pivoting and sandboxing malware
Strong understanding of privacy, civil rights, and civil liberties issues as they pertain to the intelligence cycle within local law enforcement and an intelligence fusion center environment
Knowledge of state, local, and federal laws and regulations regarding cybercrime
Strong analytical and problem-solving skills
Excellent oral and written communication skills, including the ability to clearly articulate technical cyber matters to a variety of audiences
Ability to work well within a team environment
Ability to maintain focus under pressure
#J-18808-Ljbffr Amentum
Job Tags
Local area,