Cyber Intelligence Analyst

Cyber Intelligence Analyst, (Level IV) in COS

The Intelligence Division gathers and integrates IC data on worldwide cyber and EW threat trends relevant to the MDS community. The focus is on cyber/EW threats to the builders/developers of missile defense to include the MDA, DoD, DIB, and the MDS. The cyber intelligence function feeds relevant intelligence to the IM, IT, and IA Risk Management and Test processes at MDA.

Task Details - Cyber intelligence analysts shall provide intelligence on cyber/EW threats to the BMDS. Assist Cyber Assistance Teams (CATs) whose primary goal is to defeat cybersecurity threats at the source and deter or deny future attacks through tailored mitigation strategies. The analysts shall leverage open source and intelligence community resources and capabilities to understand threat techniques, tactics, and procedures (TTPs) and ascertain threat/attack vectors facing industry and MDS-related networks and systems.

Liaise with the IC to gather cyber intelligence on threats affecting or potentially impacting the DIB partners, MDS in general, and in particular:

- The Ground-Based Weapon Systems (Terminal High Altitude Area Defense System (THAAD), Ground-Based Midcourse Defense (GMD), U.S.-Israeli Programs (IP));

- Sensors, Space, Command and Control (SN, SS, BC);

- Sea-Based Weapon Systems (AB);

- DE;

- DT:

- The Office of the Chief Information Officer (CIO)/Senior Information Security Officer (SISO); and,

- Other MDA programs.

Organizations the contractor shall liaise with include, but are not limited to:

- NSA

- DIA

- U.S. Strategic Command (USSTRATCOM)

- U.S. Northern Command (USNORTHCOM)

- U.S. Cyber Command (USCYBERCOM)

- NASIC

- CIA

- Defense Cyber Crime Center (DC3)

b. Conduct research and analysis of classified reporting and Open Source Intelligence (OSINT) to assist CATs in identifying threats to DIB partners. Liaise with builders of missile defense to include the CCMDs and MDA to coordinate cyber intelligence requirements and provide cyber intelligence studies. CCMD organizations include, but are not limited to:

- USSTRATCOM

- USNORTHCOM

- USCYBERCOM

c. Consolidate threat TTPs and other identifying data to support the CAT mission to develop and execute threat-based CAT assessment plans. Collect requirements management plans and input to post-mission products.

d. Gather and integrate intelligence community data on worldwide cyber threat trends against the MDS with a focus on cyber threats to MDA, DoD, DIBs, and the MDS.

e. Develop and present ad hoc reporting and products in support of emergent requirements and ensure MDA elements have timely and complete situational awareness of these products.

f. Manage the Intelligence Community RFI process and engage in collecting and relaying critical intelligence across MDA.

g. Respond and satisfy ad hoc taskings from the MDA elements for cyber/EW threat intelligence.

h. Support the Intelligence Requirements Division's Cyber Intelligence Team (CIT) and its efforts to ensure the cybersecurity of the MDS.

i. Develop and present cyber/EW threat intelligence briefings, white papers, and intelligence updates to Senior Leaders and the Program Elements and the offices that support them, such as Information Systems Security Managers, the Computer Emergency Response Team and Research, Development and Acquisition Division.

j. Provide cyber threat intelligence support to risk assessments conducted by MDA that are focused on future system spirals and known vulnerabilities of current systems.

k. Develop and submit PRs to support MDA's intelligence requirements.

l. Research, develop, and disseminate cyber threat intelligence reports and products daily as a member of the CIT.

m. Post products on approved portals and disseminate intelligence reporting to customers across MDA.

n. Support meetings and working groups by participating in and providing cyber threat intelligence support to their recurring meetings and preparing AARs.

o. Provide cyber intelligence and participate in cyber tabletop exercises (CTTXs), cooperative vulnerability penetration testing (CVPA), adversarial assessments (AA), control validation tests (CVTs).