Opportunity sourced from the Official SkillBridge website. Not endorsed by the Department of Defense.
This position is located within the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), Cybersecurity Division (CSD). CISA is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating with industry to build more secure and resilient infrastructure for the future. CISA works with partners across industry and government to understand and manage risk to our critical infrastructure from a constantly evolving range of cyber and physical threats. CSD leads cybersecurity efforts for CISA as the Nation’s flagship civilian cyber defense organization. CSD collaborates with partners across the government and private sector to enhance the Nation’s cybersecurity by sharing information, providing cybersecurity services and technical assistance, as well as through education and awareness.
Conduct integrated threat intelligence collection, analysis, and reporting to identify, assess, and brief on adversary cyber operations targeting U.S. national interests. Support decision-making through fused intelligence and coordinated reporting. Perform cybersecurity monitoring, incident analysis, and defensive response coordination through correlation, detection, and evaluation of potential intrusions and vulnerabilities. Develop and coordinate operational planning for cyber defense missions, integrating intelligence, defensive technologies, and security policies to support cross-domain cyber operations.• Collect and correlate all-source cyber threat intelligence data (classified, vendor, OSINT).• Identify and document adversary TTPs, motivations, and capabilities.• Produce threat intelligence summaries, alerts, and warnings.• Monitor validated cyber threat activities and update analytical assessments.• Track adversary operational shifts and report threat posture changes.• Review open-source and dark web information for hostile content.• Deliver oral and written intelligence briefings to tactical and strategic stakeholders.• Support CISA threat hunt operations through actionable intelligence insights.• Liaise with DHS, DoD, IC, and private sector partners to share threat indicators.• Maintain situational awareness of priority cyber actors and operational environments.• Detect and document cybersecurity incidents and escalate as needed.• Correlate events from multiple data sources to identify attack patterns.• Differentiate malicious activity from false positives and benign events.• Determine and document threat actor TTPs within observed incidents.• Recommend tools and software solutions to enhance defensive capabilities.• Evaluate new network, software, or system proposals for security impact.• Coordinate with analysts, architects, and developers to improve defensive design.• Research new cybersecurity technologies and methodologies.• Maintain awareness of emerging threats relevant to CISA mission areas.• Draft and refine plans supporting defensive cyber operations.• Integrate threat intelligence into operational and defensive planning.• Participate in target selection and prioritization for defensive actions.• Coordinate with operators and analysts to align cyber mission objectives.• Analyze internal CISA data to generate actionable planning intelligence.• Align operations with IC, SLTT, and private-sector mission requirements.• Define and apply information assurance principles during planning activities.• Identify system security requirements for new or migrating platforms.• Support enforcement of cybersecurity standards and best practices.
THIS ROLE IS IN PERSON AT EITHER ARLINGTON, VA OR PENSACOLA, FL. TS/SCI Required. • A Bachelor's degree in one of the following disciplines or at least (four) years directly related experience: Computer Science, Information Systems, Information Assurance, Mathematics, Intelligence Studies, Political Science, or International Relations. Equivalent years of directly related experience may be considered in lieu of educational requirements and intimate knowledge of cybersecurity security applications with a preferred certification in one of the following: CompTIA Network+, CompTIA Security+, CompTIA Cybersecurity Analyst Course, McAfee Certified Cyber Intelligence Professional, SANS 578 Threat Intel certification, or similar. Project Management Professional (PMP) certification is desired for this position.• Experience with specific tools or systems: Threat intelligence platforms (e.g., OpenConnect, MISP, Analyst1), USG intelligence tools, nodal analysis software (e.g., Analyst's Notebook, Palantir), MITRE ATT&CK Framework, cybersecurity threat platforms (e.g., CrowdStrike Falcon, Google Threat Intelligence, Microsoft Defender Threat Intelligence, etc)• Proficient (Independent) - Complete tasks with minimum supervisiono Demonstrates a good understanding of cognitive biases, cybersecurity principles, threats, vulnerabilities, threat intelligence, threat characteristics, methodologies, and tools.o Handles most tasks independently and accurately, with occasional guidance needed for complex issues.o Can identify key issues and escalate them appropriately.o Regularly seeks to improve process efficiency and quality through feedback or self-learning.• Advanced (Expert in Execution) - Perform tasks at a high-level of accuracy and efficiencyo Demonstrates an expert level of understanding of cognitive biases, cybersecurity principles, threats, vulnerabilities, threat intelligence, threat characteristics, methodologies, and toolso Highly skilled in the specific task area, with deep cybersecurity or cyber threat intelligence knowledge and expertise.o Can handle high-complexity tasks and make decisions independently.o Able to troubleshoot, analyze, and resolve problems effectively, even in ambiguous or high-pressure situations.o Demonstrates strong problem-solving abilities and anticipates challenges in task execution.o Mentors or guides junior analysts and provides insights for process improvement.
TO APPLY: Tailor a resume outlining the Jobs Description and Other Eligibility Factors. Title the email "Cyber Threat Analyst." Address the email to brandon.seay@cisa.dhs.gov. Include your separation date and availability dates (start/finish) in the body of the email.
Send a professional application in seconds, created by prior SkillBridge POCs.
