Senior Cyber Threat Intel Analyst

Woodlawn MD

Full Time Senior-level / Expert

Cyber Threat Intelligence and Information Sharing Team Analyst (Senior)

Location: Remote/Within 50-mile radius of Baltimore, MD

Hours:  7:30 am – 4:30 pm

Position Summary:

XOR Security  is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire a Senior Cyber Threat Intelligence and Information Sharing Team (CTI) Analyst to provide a full range of cyber security and cyber counterintelligence services. . The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Job Requirements:

  • Able to work independently
  • Strong interpersonal and communications skills
  • Must be able to work with professionals of varying sectors and skills and technical knowledge
  • Working knowledge in the cleared community
  • 6 years+ of experience in cyber counterintelligence and investigations background with the following working knowledge:
    • Cyber threat intelligence research and analysis and workflow
      • Open-source research
      • Propriety tools
    • Network incident response
    • Technical report writing
    • Investigative or analytical report writing
    • Technical knowledge in methods and procedures for network exploitation and mitigation
      • Must be able to distinguish different types of exploitation methods
      • Must be able to understand the different methods of network communication
      • Demonstrate knowledge in the TCP/IP and OSI model and apply the concept to analysis of log files and metadata such as pcap, netflow data and email metadata
    • Application of critical thinking in conducting analysis
    • Working knowledge in threat actor/indicators research and analysis
    • Working knowledge in modus operandi of nation state actors and associated tactics, techniques and procedures
    • Experience and confidence in briefing senior staffs
    • Working knowledge in information handling and information sharing
    • Must possess independent reference and resource libraries on the web
    • Strong knowledge in multi-disciplined full spectrum cyber operations and the difference between the disciplines and taxonomy
    • Experience in handling sensitive and/or classified data as needed
    • Experience in conducting research in classified environment
    • Experience with threat-modeling and assessing risk to the environment
    • Technical knowledge of exploitation techniques, tactics, and procedures
    • Team player with a positive attitude
    • Experience in aggregating data and writing periodic trend reports
    • Experience in cyber insider threat program


Certifications/Clearances Required:

  • SEC+ or CEH Certification
    • NET+ as an option to the CEH
  • Top Secret/SCI Clearance


Additional Experience Preferred:

  • Knowledge in malware analysis
  • Knowledge in host-based forensics
  • Prefer prior law enforcement experience (DoD or federal)
  • Prefer prior counterintelligence operations and investigations
  • Prefer experience in cyber defense operations
  • Prefer info sharing experience in joint environments (JTF/DC3/DHS, etc)

Position Responsibilities:

  • Perform IR requirements in support of SOC generated tickets for CTI support.
  • Perform technical analysis in response to the operational tickets and other ticketing systems
  • Generate analytical products and reports in response to the tickets.
  • Generate supporting documents such as a link analysis or timeline analysis for visual representation as needed
  • Track indicators identified during analysis by entering data in the tracking tool
  • Coordinate findings and/or submit inquiries as needed
  • Provide technical guidance and support the customer requested tasks

CTI team conducts OSINT research on daily basis, and the role requires daily monitoring of social media activities involving CMS and the healthcare sector, whether directly or indirectly.  The activities involve identifying actionable technical indicators for SOC action; Articles of interest for the CMS leadership, identifying trends in the healthcare sector as a whole, and gauging the mood of the public towards CMS. 

  • CTI analyst will perform general research or focused research on specific information of interest and provide findings to the CCIC teams and other recipients.
  • CTI analyst will provide research function to address the CMS Counterintelligence (CI).
  • CTI analyst will generate content for the requested presentation, whether it is for a recurring activity or an ad-hoc requirement.
  • CTI analyst will conduct a system research of topical area of interest and prepare the presentation.
  • CTI analyst will be responsible for preparing and delivering the presentation once assigned.

Due to the nature CTI mission, communications beyond CMS and HHS departments are often required to coordinate either analytical findings or to submit an RFI. 

  • CTI analyst will coordinate with assigned GTLs and other fed functional areas to coordinate and collaborate information of significance
  • CTI analyst will work with cross-functional teams to better integrate findings and create a more robust CTI program

Administrative Functions

Provides weekly accomplishment input to the lead

Participates in conferences

Participates in the weekly and bi-weekly info sharing and collaboration meetings (webex)

Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP 


Tags: CEH Clearance Cyber defense DoD Forensics Incident response Log files Malware Monitoring OSINT PCAP TCP/IP Threat intelligence Top Secret TS/SCI

Perks/benefits: 401(k) matching Conferences Health care

Job stats:  0  0  0
  • Share this job via
  • or

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.