Cyber Threat Analysts

This range is provided by Cyber Management (SDVOSB). Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$90,000.00/yr - $150,000.00/yr

Cyber Threat Analysts

Arlington, VA

Full-time

Must be a U.S. Citizen with Active Security Clearance

Multiple mid-to-senior level roles available in the Cyber Threat Analysis Division (CTAD). CTAD addresses cyber threats affecting the Department of State’s information infrastructure through information sharing, analysis (e.g., trends, modeling, and attribution), customized threat reporting, and support to law enforcement, intelligence, and counterintelligence operations (e.g., threat hunting).

Current Analyst Position Openings:

• Operational Threats and Analysis (OTA)
• Indications and Warnings (I&W)

Target Salary Ranges from $90,000-$140,000

• Ability to identify APT activity and recommend mitigation procedures.
• Familiarity with MITRE Attack Framework and Diamond Modeling.
• Design and define system architecture for complex computer systems.
• Determine system specifications, input/output processes, and security parameters.
• Coordinate subsystem design and system integration.
• Identify, analyze, and resolve program support deficiencies.
• Develop and recommend corrective actions.
• Provide technical guidance to database administrators and software developers.

• Bachelor's degree and 9 years of cyber experience; 4 additional years of experience may substitute for degree.
• Possess or be able to obtain one of the following certifications prior to start: CASP+ CE, CCNP Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), Cloud+, CND, CySA+, GCED, GCIH, GICSP, or SSCP.
• Familiarity with MITRE Attack Framework and Diamond Modeling.
• Experience designing system architecture for complex systems.
• Experience with domain and virus detection tools.
• Active Top Secret clearance with ability to obtain TS/SCI clearance.

• Expertise with Domain Tools & Virus detection.
• IAT Level II Qualification with: GCIH, CYSA, FOR578.

• Support the OTA team.
• Audit for counterintelligence, insider threat, and criminal activities related to Diplomatic Security.
• Recommend strategies for monitoring network use and user behavior.
• Support DS criminal investigators.
• Perform log analysis to identify trends and suspicious activity.
• Coordinate with other government and law enforcement agencies.

• Bachelor's degree and 5 years’ relevant experience; 4 years of experience may substitute for degree.
• Possess one of the following certifications: CASP+ CE, CCNP Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), Cloud+, CND, CySA+, GCED, GCIH, GICSP, or SSCP.
• Experience with threat analysis, UAM tools, law enforcement collaboration, and SOC analysis.
• Active Top Secret clearance, ability to obtain final TS/SCI clearance.

• Track APT activity using open-source, proprietary, and classified reports.
• Perform pattern, trend, and behavior analysis to identify malicious activity.
• Maintain records of cyber threat activity.
• Identify Indicators of Compromise (IOCs) using SIEM and logs.
• Liaise with Intelligence Community members; act as fusion analysis cell within CTAD.
• Present to technical and non-technical audiences.
• Travel up to 10% domestically and internationally.

• Bachelor's degree and 9 years' experience or 4 years' experience in lieu of degree.
• Possess one of the listed certifications.
• Experience with Splunk SIEM, MITRE ATT&CK, and tracking APTs.
• Knowledge of IOCs, threat infrastructure, and technical communication skills.
• Ability to travel and hold an active Top Secret clearance with SCI eligibility.

Cyber Management International Corporation recruits IT security professionals supporting the U.S. Department of State, specifically the Bureau of Diplomatic Security, Directorate of Cyber and Technology Security. We focus on cybersecurity, technology security, and investigative expertise to support critical national security missions.

For more information, visit www.cybermgt.com or email recruiting@cybermgt.com.