Threat Analysis, Lead Associate

This Cyber Threat Analyst position supports the Defense Cyber Crime Center (DC3) and participates as a team member performing threat analyses based on knowledge of cybersecurity and concepts supporting intelligence analysis requirements for all-source cyber analysis and reporting. Contributes to development of analytical threat models and provides functional guidance and direction to threat studies team in overall conduct of project(s). Leverages scanning tools (i.e., VirusTotal) to conduct suspicious file scanning; performing queries, pivoting on indicators, and malware analysis on characteristics (Message-Digest Algorithm 5 (MD5), Secure Hash Algorithm 1 (SHA1), file size, file name, file paths, etc.). Work activities are performed under general guideline and direction. Supports team performing expert-level research and analysis of intelligence and related data support of threat studies. Provides advice, guidance and direction to threat studies team. Prepares, submits and presents reports and issue papers to customer representatives. Requires knowledge of advanced threat analysis technology in such areas as telecommunications, computer science, electronic warfare. Requires a detailed knowledge of Department of Defense and service level (Army, Navy, Air Force) intelligence communities, including collection methods and production resources and responsibilities. Requires skills and abilities in supervising the handling classified information. Requires strong knowledge of technology related to cybersecurity. Provides leadership, guidance, and direction to less-senior analysts. Uses Jira to to track analysis tasks and communicate status. Uses Columbo, the DAD, and Splunk to ingest, manage, and fuse multiple intelligence streams and perform analysis. Uses Goldrush as required in place of Jira. May leverage tools such as Looking Glass, Dark Cubed, etc. to obtain, fuse, and analyze cyber threat intelligence.

• Experience conducting in-depth research in classified and commercial databases and producing written products showing Advanced Persistent Threat (APT) pattern analysis 
• Experience with SIEM technologies 
• Knowledge of current and emerging cyber adversaries and their techniques, tactics, and procedures (TTPs) 
• Knowledge of threat modeling and adversary tactics and techniques frameworks, including MITRE ATT&CK matrices, Cyber Kill Chain, STRIDE, or PASTA 
• Experience with Department of Defense Cyber Operations 
• Top Secret/SCI security clearance required 
• 5 years with BS/BA, 3 years with MS/MA, 0 years with PhD with years experience in cyber threat intelligence, intelligence analysis or other relevant field; 8 years of experience in lieu of a degree.

Preferred Additional Skills 

• Sec+, CISSP, GCTI or other relevant certification 
• Cybersecurity consulting experience a plus 

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.