Cyber Security Intelligence Analyst (OSINT)

About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Program Overview

Delivers configurable, scalable, and adaptable cybersecurity solutions to meet the evolving needs of the warfighting customer. This program supports a range of key roles, including specialists in information security, cyber engineering, penetration testing, and Navy validation, all working together to enhance the security and resilience of naval systems and installations.

About The Role

Peraton is seeking qualified individuals to join our team to provide engineering support for Cyber Situational Awareness (SA), Cyber Command and Control (C2), Mission Assurance, and Homeland Defense in Virginia Beach, Virginia.

This includes conducting Intelligence Analysis, Agile software engineering in a Development, Security, and Operations (DevSecOps) environment, performing Cloud architectural design, operation, and administration functions, and cyber security and Risk Management Framework (RMF) support. Also included are rapid design, development, test, deployment, maintenance and operation of specific software and hardware capabilities to meet current Cyber Defensive needs.

**Note: This is a Mon-Fri Day shift on site position at Dam Neck in Virginia Beach, VA (NO remote or hybrid schedule offered)**

Peraton has an opportunity for a Cyber Intelligence Analyst to:

Working as expert, you will conduct research and evaluate technical and all-source intelligence with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to networked weapons platforms and US and DoD information networks. Analyzes network events to determine the impact on current operations and conduct all-source research to determine advisory capability and intent. Prepares assessments and cyber threat profiles of current events based on the sophisticated collection, research, and analysis of classified and open-source information. Correlates threat data from various sources. Develops and maintains analytical procedures to meet changing requirements and ensure maximum operations. Collects data using a combination of standard intelligence methods and business processes. Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and network operations officials.

The ideal candidate will evaluate target opportunities, analyze cybersecurity data, develop new analytical tradecraft, and collaborate with various stakeholders to enhance our mission's effectiveness. Join our team to leverage your cybersecurity analysis expertise and contribute to safeguarding critical systems and infrastructure.

Responsibilities & Duties:

• Utilizing publicly available information to inform cyber Red Team operations.
• Utilizing open-source research or collection of PAI sources including social media (including non-traditional platforms), public records, blogs, databases, maps, videos, academic literature, news media and journals, technical publications, professional publications, economic data, demographic data, and survey research,
• Leveraging common OSINT methodologies, including Boolean logic, information gathering, identity resolution, analysis, data exploitation, and commercial and industry-based tools/databases
• Utilizing common open-source data aggregators/tools
• Writing reports and developing products for military customers, based on research
• identified within publicly available information (PAI)
• Analyzing operator logs and generate Action Maps in support of Red Team
  operations.
• Developing products that adhere to Institute for Defense Analysis (IDA) and
  Director, Operational Test and Evaluation (DOT&E) standards
• Analyzing and interpreting threat intelligence reports, identify emerging threats;
  assess their impact on organizational security.
• Utilizing cybersecurity tools and platforms such as SIEM (e.g., Splunk, QRadar),
  threat intelligence platforms (e.g., Recorded Future, ThreatConnect), and endpoint
  detection and response (EDR) tools to identify and parse data for analysis.
• Conducting data analysis. Correlating data from multiple sources to identify patterns
  and trends.
• Using common scripting languages (e.g., Python, PowerShell) to automate common
  tasks.
• Using critical thinking to solve complex problems related to cyber threats and
  vulnerabilities.
• Creating detailed and clear threat intelligence reports, including executive summaries
  and technical briefings.
• Evaluating and report on current cyber threat landscape, including threat actors,
  tactics, techniques, and procedures (TTPs).
• Correlating cyber threats and associated TTPs to the MITRE ATT&CK. Develop
  threat actor technical capabilities briefings.
• Leveraging open source intelligence techniques and tools to gather, analyze, and
  validate information from publicly available sources.
• Conducting advanced OSINT searches.
• Use OSINT tools (e.g., Maltego, Shodan, OSINT Framework) to extract and synthesize relevant data.
• Performing analysis and integrate OSINT findings with other intelligence sources to provide comprehensive threat assessments and actionable insights.
• Adhering to ethical and legal considerations when collecting and using open source information.
• Utilizing verbal and written communication methods, to convey complex technical information to non-technical stakeholders.
• Collaborating within a team environment and interact with cybersecurity specialist to achieve operational objectives.Maintaining a high level of attention to detail and accuracy in analyzing data and preparing documentation.
• Adapting to changing requirements and priorities in a dynamic work environment.
• Manage multiple tasks and projects simultaneously, prioritize effectively, to meet
  deadlines.
• Demonstrating a strong commitment to maintaining confidentiality, integrity, and
  professionalism in handling sensitive information.
• Adhering to ethical standards and best practices in cybersecurity and intelligence
  operations.
  

Qualifications

• Minimum of 5 years with BS/BA, minimum of 3 years with MS/MA
  • Four years of relevant experience will be considered in lieu of a Bachelor's degree.
• Experience with using OSINT tools (e.g., Maltego, Shodan, OSINT Framework) to extract and synthesize relevant data.
• Experience in Intelligence and Analysis (geospatial analysis, intelligence support, and data visualization or similar)
• An understanding of how to pull data from multiple sources, analyze the data and provide detailed reports on the extracted and evaluated data, using both traditional and non-traditional methods.
• Experience providing targeting & intelligence support
• Shall have demonstrated experience in developing test plans.
• Proven experience in performing analysis, identifying vulnerabilities, and conducting exploitation across all OSI model layers.
• Familiarity with programming languages such as Python or C++ for scripting and automation.
• Understanding of encryption techniques, routing, and network infrastructure.
• Experience with Computer Network Operations (CNO) processes and capabilities.
• Knowledge of Intelligence Community (IC) methods, tools, and techniques for computer network exploitation.
• Ability to use processes and tools for signals intelligence discovery analysis.
• Proficiency in assessing network vulnerabilities and identifying key network topology
• Minimum certification as 541 (or similar as required by the Technical Instruction) at the Intermediate level per DoDD 8140.01, or successor. (current CERT or ability to obtain prior to start)
• Top Secret Security Clearance with SCI eligibility
• Current US Passport or ability to obtain.

Desired Skills:

• Shall have demonstrated experience utilizing packet analyzer tools such as Wireshark and tcpdump.
• Shall have demonstrated experience utilizing penetration tools.
• Experience with dataflow and signals intelligence architecture.
• Experience with penetration testing tools.
• Strong collaboration skills and experience interacting with IC partners.
• Experience as a formal instructor or trainer in relevant technical disciplines.
• Knowledge of ports, protocols, and common network configurations.

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.

EEO:Peraton is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or other characteristic protected by law.