Cyber Intelligence Job Description
Cyber Intelligence Duties & Responsibilities
To write an effective cyber intelligence job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber intelligence job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Intelligence Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Intelligence
List any licenses or certifications required by the position: CISSP, CEH, SANS, IAT, GIAC, II, POC, III, SSL, OS
Education for Cyber Intelligence
Typically a job would require a certain level of education.
Employers hiring for a cyber intelligence position most commonly prefer candidates with a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Intelligence, Cyber Security, Technical, Education, Information Technology, Information Security, Political Science, Information Systems, Computer Engineering.
Skills for Cyber Intelligence
Desired skills for cyber intelligence include:
Desired experience for cyber intelligence includes:
Cyber Intelligence Examples
Cyber Intelligence Job Description
- Integrate threat intel platform with various security tools
- Quality review threat feeds imported into intel platforms and export to appropriate security tools
- Correlate data from IDS/IPS with data from other network sources such as firewall, DNS logs and web servers
- Assist in the tuning and filtering of event monitors
- Coordinate with operations maintenance personnel to aid in ensuring monitoring systems are operational
- Develop reports using data hosted in multiple sources
- Identify potential security exposures that may currently exist or may pose a potential future threat to the U.S. Firm’s applications
- Primary internal subject matter expert and escalation point for incident response
- Investigation of potential fraud related incidents
- Assist in the quick response to fraudulent incidents by generating reports, meeting with clients, and communicating status to management
- Familiarity working under guidelines and contributing inputs based on NIST 800-30rev1
- Highly preferred candidates will have ops training, foreign language skills, and familiarity with customer databases and cable writing
- Ability to review and analyze raw packet/netflow data
- Or 10 years experience in lieu of Bachelor's degree
- Other vendor certifications considered
- Knowledge of information systems security concepts and technologies
Cyber Intelligence Job Description
- Manage an information collection and correlation process that will enable proactive analysis and research of current cyber threat TTPs from external and internal incidents and evidence to inform and assist efforts responsible for information security alerting, detection, control improvement and response
- Analysis shall be conducted of incoming reporting and referrals from across the US Intelligence Community and from CI investigative, operational, collection and targeting results
- Conduct extensive and in-depth liaison with counterintelligence analytical organizations across INSCOM and the Intelligence Community at large in order to understand investigations in a broader national context and utilize a wide variety of unclassified and classified internal and external databases and resources to conduct data queries and provide written reports to Government Team/Branch/Division Chiefs
- Develop metrics and reports in support of team leadership and daily operations
- Develop, produce, and deliver high-level briefings and briefing materials on industry-focused cybersecurity issues and threats
- Respond to computer security incidents in compliance with Information Security Policies and Industry Best Practices
- Perform basic network security analysis in support of Intrusion detection operations including the development of indicators used to enhance the network security posture
- On occasion, provide extended shift coverage with minimal travel required
- The incumbent will regularly monitor various information security related web sites (SANS Internet Storm Center) and mailing lists (BugTraq) to stay up to date on current network threats, attack methodologies and trends
- Maintain network devices, design, and infrastructure
- Ability to perform and interpret real-time analyses of piracy usage patterns
- Bachelor’s Degree and nine (9) years of professional experience
- Minimum 10 years of experience as an Intelligence Analyst, Cyber or SIGINT focus
- Minimum three (3) years of experience as an Intelligence Analyst, Cyber or Signals Intelligence (SIGINT) focus
- Contractor must be proficient in developing and presenting, both verbally and in writing, highly technical information and presentations to non-technical audiences at all levels of the organization
- Bachelor’s degree or equivalent in Computer Science, Information Systems, Cyber Security, Computer Engineering, Information Assurance, Mathematics
Cyber Intelligence Job Description
- Conduct malware analysis from collected samples
- Conduct deep-dive intelligence analysis of threat actors and attacks
- Contribute to regular written and verbal briefings and presentations
- Produce and disseminate all-source integrated intelligence analysis to support DODIN and defensive cyberspace operations (DODIN/DCO-internal Defensive Measures) planning, integration, coordination, and execution
- Conduct analysis to identify indications of adversary activity and warn (Indications and Warning) leaders of potential threats, cyber developments, events or conditions that may adversely affect the DODIN
- Evaluate international events, all-source and open-source intelligence, and operational information to assist in the assessment of potential impacts to the DODIN and alert the JFHQ-DODIN Staff and Leadership to potential network exploitation or attacks
- In consultation with the senior threat engineers, assist in conducting both technical and contextual analysis of emerging and persistent cyber threats to known or potential vulnerabilities that exist in the enterprise environment
- Develop and disseminate intelligence reports used to provide strategic situational awareness to leadership regarding the cyber threat landscape
- Produce and disseminate periodic reports and briefs regarding financial sector relevant cyber threat landscape trends and events to inform operational and strategic decision makers as required
- Support the enterprise Cyber Threat Intelligence programs
- Research, identify, and present best practices in the defense and mitigation of cyber-related attacks and other crimes
- Provide analysis of cyber based attacks as they pertain to critical infrastructures located within the area of responsibility (AOR) of the NVRIC
- Provide investigative case support to assist in cyber related investigations
- Minimum 10 years of total Information Technology experience, with 5 years Information Assurance experience
- Understanding of Risk Management Framework and supporting NIST Publications including FIPS 199 & 200, SP 800-53, 800-70, 800-37
- Bachelor’s degree or equivalent experience in computer engineering, computer science, or other closely related IT discipline
Cyber Intelligence Job Description
- Provide proactive and reactive end-to-end threat intelligence services to help protect external facing and internal based computing assets, data, and Government clients
- Research, analyze, interpret, evaluate, and integrate complex data from multiple intelligence sources
- Perform cyber threat analysis; must be able to identify threats and develop threat vulnerability assessments
- Prepare extensive assessments and documents, and disseminate information through reports and briefs to technical and non-technical audiences
- Develop complex analytical approaches to problems and situations for which data is incomplete, controversial, or no precedent exists
- Develop, lead and brief senior leadership regarding critical best practices/capabilities pertaining to cyber issues
- Develop innovative approaches to analyze and validate analytical conclusions
- Maintain and update databases, systems, and mechanisms for sharing relevant intelligence information to support ongoing and projected projects
- Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means, to different constituencies such as legal counsel, executive management and technical staff
- Oversee the team's collaboration with external CIRTs, intelligence entities and industry communities (such as DSIE, DCISE) on observed TTPs and activities of persistent threat actors
- Experience with dynamic malware analysis
- Bachelor’s degree in computer engineering, computer science, cyber security, or other closely related IT discipline
- Experience with open source technologies, including Hadoop
- Ability to lead a technical team
- Maintaining knowledge of threat landscape by monitoring OSINT and related sources
- Scripting (Python, Perl, PowerShell, Bash, SQL ..)
Cyber Intelligence Job Description
- Develop and produce written tactical and strategic intelligence reports constructed from analysis of developing cyber events including data from intrusions, malware, DDoS, unauthorized access, insider attacks and loss of proprietary information
- Development and maintenance of detection scripts, rules, and signatures
- Respond to high-priority requests for information/intelligence from senior stakeholders
- Develop close working partnerships with functional senior leaders to ensure threat intelligence analysis and products are mapped to prioritized corporate assets and risks
- Produce threat assessments based on all-source intelligence
- Responsible for strategic management of key external security related relationships to ensure processes and controls are integrated to support company goals and policies for risk and compliance management
- Ensure timely response to suspense deadlines and administrative actions
- Install, operate, maintain, test and validate new software and scripts
- Install, test, operate, maintain and validate system improvements
- Evaluate and correct issues
- Minimum 5 years experience in cyber security analysis or incident response
- Any DoD IAT Level I or higher certification such as Security, A+, CISSP, CND-A or other information security certification
- Minimum of three years prior experience
- Any 8570 IAT Level I or higher certification such as Security, A+, CISSP or CND-A
- Bachelor’s Degree in Intelligence Studies, International Affairs, Political Science, Cyber Security or other related discipline
- Must currently possess a TS with ability to be cleared to TS/SCI security clearance