Today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
Huntsville, AL (On-Site/Office)
TMC Technologies is in search of a SME-level Cybersecurity Analyst to join the FBI's ESOC Cyber Threat Intelligence (CTI) Team. The CTI Team is responsible for monitoring and analyzing external cyber threat data to provide insights and actionable intelligence about potential cyber threats. The candidate must be a US citizen and possess a minimum of an active Top Secret clearance with Sensitive Compartmented Information (SCI) eligibility to start due to federal contract requirements. This position is in support of a contract bid opportunity with expected award in mid-June 2025.
The CTI Cybersecurity Analyst - SME will have the following responsibilities:
- Monitor open-source websites for hostile content directed towards organizational or partner interests.
- Gather information from private and proprietary sources, including paid subscriptions, information-sharing communities, or partnerships with other organizations.
- Analyze collected data to identify potential threats, vulnerabilities, and emerging trends.
- Enrich data with context to provide a more comprehensive understanding of threats, such as attributing specific threats to threat actors or groups.
- Provide tactical intelligence that helps the SOC understand the specifics of current threats, including indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by attackers.
- Offer strategic intelligence to help the organization anticipate long-term trends, understand the motivations of threat actors and plan for future cybersecurity challenges.
- Assist the SOC during ongoing incidents by providing real-time intelligence updates, context, and guidance to help investigate, contain, and remedy threats.
- Provide information for known vulnerabilities and potential zero-day threats to help the SOC prioritize and patch systems accordingly.
- Actively participate in information-sharing communities and industry groups and collaborate with other organizations to gain and contribute to a collective understanding of the threat landscape.
- Educate SOC analysts and other relevant teams on the latest threats, attack techniques, and defensive strategies to enhance the overall cybersecurity awareness within the organization.
- Routinely provide reports and briefings to key organizational stakeholders to keep them informed about the evolving threat landscape and the effectiveness of current security measures.
- Possess proficient understanding of intelligence fusion.
- Possess proficiency in performing threat factor analysis.
- Possess a comprehensive understanding of cyber threat landscapes, including current and emerging threats and vulnerabilities.
- Demonstrate expertise in established cyber threat intelligence frameworks, such as MITRE ATT&CK, to inform security strategies and enhance threat analysis.
- Have in-depth knowledge of advanced persistent threats (APTs), including their lifecycle, detection methods, and mitigation strategies.
- Apply threat modeling methodologies, such as STRIDE and DREAD, in conducting risk assessments and evaluating potential threats.
- Analyze geopolitical factors that influence cyber threats and assess their potential impact on organizational risk and decision-making.
- Understand the operational capabilities and limitations of security technologies utilized within the SOC, ensuring effective threat response.
- Be knowledgeable about legal and ethical considerations related to threat intelligence, including data privacy laws and compliance requirements.
- Possess expertise in open-source intelligence (OSINT) collection methods and tools to enhance overall threat intelligence capabilities.
- Have a thorough understanding of incident response processes, methodologies, and best practices, contributing to effective threat mitigation.
- Comprehend the implications of artificial intelligence and machine learning technologies in threat detection and response strategies.
- Be familiar with threat intelligence sharing platforms and collaborative frameworks, such as Information Sharing and Analysis Centers (ISACs).
- Stay informed about industry best practices and trends in cyber threat intelligence, adapting to the evolving landscape of cyber threats and defenses.
- Possess exceptional analytical skills to evaluate and synthesize threat data from diverse sources, identifying complex attack patterns and trends.
- Be proficient in developing and disseminating actionable threat intelligence reports and briefings tailored to stakeholder needs.
- Demonstrate advanced proficiency in using threat intelligence platforms and tools for effective data aggregation and analysis.
- Excel in conducting threat hunting activities to proactively identify and mitigate potential threats within the environment.
- Exhibit strong strategic thinking skills to align threat intelligence initiatives with organizational goals and risk management strategies.
- Demonstrate leadership capabilities to influence and drive security initiatives, promoting a proactive threat intelligence posture across the organization.
- Mentor and train junior analysts, fostering a culture of continuous improvement and knowledge sharing within the CTI team.
- Be skilled in developing threat models and conducting risk assessments to support security planning and prioritization.
- Conduct thorough post-incident analyses, identifying lessons learned and recommending improvements for future readiness.
- Possess strong problem-solving skills to effectively investigate and resolve security incidents.
Job Requirements
- US Citizenship and active Top Secret clearance with SCI eligibility required
- Minimum of 10 years of relevant experience required
- Experience with identifying indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by attackers required
- Expertise in established cyber threat intelligence frameworks, such as MITRE ATT&CK required
- Experience with open-source intelligence (OSINT) collection methods and tools required
- Bachelor's Degree preferred
- Relevant industry certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cyber Threat Intelligence Analyst (CCTIA) required
- Splunk Enterprise Security certification required
- Preferred certifications include:
  - GIAC Cyber Threat Intelligence (GCTI)
  - Microsoft Sentinel
We are equal opportunity/affirmative action employers, committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status, or any other protected characteristic under state or local law.