Center for Internet Security, Inc.

Senior Hybrid Threat Intelligence Analyst - Remote

Job Locations US
ID
2022-1688
Category
Cybersecurity Operations
Type
Regular Full-Time
Remote?
Yes

Overview

As a Senior Hybrid Threat Intelligence Analyst, you will lead the application of open source intelligence (OSINT) techniques among analysts to identify, analyze, and prioritize malicious information operation activities as observed in cyberspace and other media to effectively communicate formal assessments to decision makers and stakeholders in order to drive effective countering measures. Job functions include building new, modifying existing, and using open and commercial tools and environments to collect and analyze data from sources including social media, news media (including video content), online forum content, and chat. Candidates are expected to have an advanced understanding of hybrid threats (cyber and information operation crossovers) and have demonstrated practical expertise on geopolitical tensions and threat actor ideologies and tactics.

 

As a member of the CIS Program for Countering Hybrid Threats, you will, with limited oversight, help lead the integration of hybrid threat analysis into the existing Operations and Intelligence teams. You will solve complex threat and information centric problems, which may involve essential duties and responsibilities that must continue during crisis situations and contingency operations, necessitating extended working hours.

 

The Center for Internet Security (CIS) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit responsible for industry leading best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats.

What You'll Do

  • Help build and maintain OSINT research environments, including training other team members on OSINT tradecraft, principals, and techniques.
  • Conduct OSINT initiatives, including dark web research, in support of the Program for Countering Hybrid Threats to include establishing intelligence questions and requirements as well as identifying the most effective methods for fulfilling these unique priorities.
  • Identify emerging operations and trends based upon extensive research into information threat activity and determine pertinent communications, countermeasures, and recommendations for decision makers, with virtually no assistance or oversight.
  • Generate executive level briefing material, in-depth written products, and simple to complex graphics to convey analysis both verbally and in writing for key stakeholders.
  • Implement data analysis practices to assess trends and patterns of information operations networks and aid in determining potential and expected impacts.
  • Lead the monitoring, tracking, and cataloging of new and existing threat actors, their ideologies, and their tactics respective to information operations.
  • Develop new and augment existing OSINT tools, scripts, and capabilities to address evolving threats and dynamic investigative efforts.
  • Leverage commercial OSINT collection tools to aid in identification and investigative efforts.
  • Other tasks and responsibilities as assigned.

What You'll Need

  • Bachelor’s degree in Intelligence, Data Science, International Affairs, or a related field. *
  • 5+ years of experience in an analytical role as an intelligence analyst or similar title
  • 3+ years of experience in information operations, hybrid threats, or assessing non-traditional threat activity.
  • Demonstrated practical experience and knowledge of OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scrapping tools, etc.).
  • Demonstrated experience building, maintaining, and modifying custom scripts and tooling to cater to unique cases and investigative efforts.
  • Knowledge of the current cyber threat landscape and computer networking concepts.
  • Excellent verbal and written communication skills including the ability to clearly articulate complicated technical matters to a variety of audiences and to adapt to customer personalities 
  • Experience in a high-paced and customer-facing security operations environment.
  • Must be capable of obtaining and maintaining a Top-Secret National Security clearance.
  • The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions**
  • Must be authorized to work in the United States

It's A Plus If You Have:

 

  • Master's degree in related field.
  • Formal intelligence analysis training.
  • Established professional portfolio of OSINT related scripts, tools, or frameworks and demonstrated involvement in the larger OSINT community.
  • Certifications in related areas (e.g. GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc).

 

*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.

 

**Factors that may cause a negative Fitness Review decision include:

  • Criminal Conduct
  • Dishonest Conduct
  • Employment Misconduct
  • Alcohol Abuse
  • Drug Use (illegal drug use or use of a legal drug in a manner that deviates from approved medical direction) Additionally, illegal drug use includes the use of drugs that are illegal for federal purposes despite being legal in select states and countries, such as marijuana.
  • False Statements
  • Financial Issues
  • Have not resided in the US for three (3) of the past five (5) years

 

At CIS, we are committed to providing an inclusive environment in which the diverse backgrounds, experiences, and views of our employees, members, and customers are valued and respected. It is through this commitment that we are able to work together towards our common mission: to make the connected world a safer place.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed