Cyber Threat Intelligence Analyst – Lead

  • Bowie, MD, United States
  • Full-time
  • Clearance Level: TS/SCI

Company Description

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are the trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. We design and implement innovative security solutions to identify and defend against today’s risks and tomorrow’s attacks.  

We believe that helping organizations operate from the best security posture possible requires automation.  Empowering our employees to excel and providing them with the means to do so enables us to consistently exceed our clients’ expectations. 

Unlike many IT consultancies, we’re not a body shop. Our client engagements are challenging and growth-oriented. Our relationship with you is for the long run because, in this business, your success is our success. That’s why we treat investments in employees as investments in the company itself, which is why we offer fantastic benefits (healthcare, generous PTO, paid maternity and paternity leave, and tuition reimbursement, to name a few). 

But you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you. 

We are an established, profitable, and growing company that promises you the following: 

  • A diverse organization. 
  • A safe workplace with zero tolerance for discrimination and harassment of any kind. 
  • A balanced work life. Seriously. 
  • Potential for a flexible schedule, depending on the specific customer. 
  • A leadership team focused on your professional growth and development. 

Job Description

This position is contingent upon award.  The Cyber Threat Intelligence Analyst-Lead will: 

  • Answer requests for information.
  • Provide subject matter expertise to the development of a common operational picture. 
  • Maintain a common intelligence picture.
  • Provide subject matter expertise to the development of cyber operations specific indicators.
  • Assist in the coordination, validation, and management of all-source collection requirements, plans, and/or activities.
  • Assist in the identification of intelligence collection shortfalls.
  • Brief threat and/or target current situations.
  • Collaborate with intelligence analysts/targeting organizations involved in related areas.
  • Conduct in-depth research and analysis.
  • Conduct nodal analysis.
  • Develop information requirements necessary for answering priority information requests.
  • Evaluate threat decision-making processes.
  • Identify threats to Blue Force vulnerabilities.
  • Generate requests for information.
  • Identify threat tactics and methodologies.
  • Identify intelligence gaps and shortfalls.
  • Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.
  • Monitor and report on validated threat activities.
  • Monitor open source websites for hostile content directed towards organizational or partner interests.
  • Monitor operational environment and report on adversarial activities which fulfill leadership’s priority information requirements.
  • Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
  • Provide subject-matter expertise and support to planning/developmental forums and working groups as appropriate.
  • Provide current intelligence support to critical internal/external stakeholders as appropriate.
  • Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements, and operations.
  • Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations.
  • Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations.
  • Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities.
  • Report intelligence-derived significant network events and intrusions.
  • Work closely with planners, intelligence analysts, and collection managers to ensure intelligence requirements and collection plans are accurate and up-to-date.

Additional responsibilities may include: 

  • Answer requests for information.
  • Provide expertise to course of action development.
  • Provide subject matter expertise to the development of a common operational picture. 
  • Maintain a common intelligence picture.
  • Provide subject matter expertise to the development of cyber operations specific indicators.
  • Assist in the coordination, validation, and management of all-source collection requirements, plans, and/or activities.
  • Assist in the identification of intelligence collection shortfalls.
  • Brief threat and/or target current situations.
  • Collaborate with intelligence analysts/targeting organizations involved in related areas.
  • Conduct in-depth research and analysis.
  • Conduct nodal analysis.
  • Maintain awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology.
  • Develop information requirements necessary for answering priority information requests.
  • Engage customers to understand customers’ intelligence needs and wants.
  • Evaluate threat decision-making processes.
  • Identify threat vulnerabilities.
  • Identify threats to Blue Force vulnerabilities.
  • Generate requests for information.
  • Identify threat tactics and methodologies.
  • Identify and evaluate threat critical capabilities, requirements, and vulnerabilities.
  • Identify and submit intelligence requirements for the purposes of designating priority information requirements.
  • Identify intelligence gaps and shortfalls.
  • Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.
  • Monitor and report on validated threat activities.
  • Monitor open source websites for hostile content directed towards organizational or partner interests.
  • Monitor operational environment and report on adversarial activities which fulfill leadership’s priority information requirements.
  • Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
  • Provide subject-matter expertise and support to planning/developmental forums and working groups as appropriate.
  • Provide subject matter expertise to website characterizations.
  • Provide analyses and support for effectiveness assessment.
  • Provide current intelligence support to critical internal/external stakeholders as appropriate.
  • Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements, and operations.
  • Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations.
  • Provide input and assist in post-action effectiveness assessments.
  • Provide input and assist in the development of plans and guidance.
  • Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations.
  • Provide target recommendations which meet leadership objectives.
  • Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities.
  • Report intelligence-derived significant network events and intrusions.
  • Work closely with planners, intelligence analysts, and collection managers to ensure intelligence requirements and collection plans are accurate and up-to-date.

Qualifications

  • Active Top Secret clearance required 
  • Master's degree or PhD preferred; experience may be considered in lieu of degree
  • 7-10 years of experience in identifying potential and real threats to computing infrastructure and data and providing risk mitigation strategies and recommendations
  • Ability to review prioritized intelligence requirements (PIR) for additions, deletions, and changes in priority
  • Ability to ensure alignment with decisions made by agency leadership on program objectives, scope, and escalation criteria
  • Understanding that all access to classified information will be within government controlled secure facilities

Additional Information

  • All your information will be kept confidential according to EEO guidelines
  • Equal Opportunity Employer Veterans/Disabled