Emerging Threat Analyst with Security Clearance

TEKsystems c/o Allegis Group
JBSA Lackland, Texas 78236 United States
Posted: May 30, 2026
  • Full Time
  • Federal Government
  • Summary

    Top Skills' Details
    ** Must have an Active TS/SCI **
    ** Must have a GCTI or GCFA certification and IAT Level 2 cert **
    1. Formal intelligence analysis training and government experience.
    2. Previous experience working with hunting tools and technologies.
    3. Experience with open source Malware Analysis platforms (Assemblyline, Cuckoo, Malboxes).

    Job Description:
    Analyze current and historical traffic entering the Air Force network using ArcSight (SIEM technology), Centaur, Noesis, Splunk, ELK, Fidelis, Solera, Niksun, Wireshark and other available tools (commercial and government provided), including OSINT and other classified reporting databases.
    Determine if the network traffic requires further investigation of the Air Force asset(s) in question.
    Correlate various data points using historical network traffic, operational events, reporting patterns, and other data to discern anomalies, patterns, or trends.
    Perform post intrusion correlation to ensure current incidents are contained and have not spread to other Air Force Bases, networks or enclaves.
    Provide tipper information to other organizations when required.
    Collect weekly and monthly metrics (or as required) and trend information for organizational reports (as required) and long‐term analysis.
    Continuously review (24/7/365) NCTOC reports, Tippers, SIGACTS, emails and other self‐reported problems and events.
    Conduct research and gather threat intelligence on advanced threat actors.
    Conduct Data Analysis for mission discovery of cyber threats and conduct characterization and attribution of those threats.
    Identify cyber threats, trends, and new developments on various cyber security topics by analyzing raw intelligence and data which includes geopolitical and transnational events.
    Present results to analysts and operators and train them to recognize changes in the operational environment likely to cause mission success or failure.
    Create visual displays conveying situational awareness and engagement effectiveness assessments to the operational crews. (CDRL A008)
    Analyze current all‐source intelligence from applicable intelligence community sources concerning adversary telecommunication and computer network systems supporting adversary C4I processes. Provide analytical reports and state findings or integrate conclusions into overall squadron generated composite reports, briefings, and target profile folders.
    Provide analytic tradecraft to gathered intelligence in a consistent manner.
    Develop and refine cyber threat intelligence collection and analysis processes.
    Assist crews and analysts to determine the most efficient means of execution (course of action) against malware, adversary TTPs, threat actors and the MITRE ATT&CK framework with respect to AFCERT weapons.
    Write technical operational reports associated with systems that extensively involve telecommunications and telecommunications interfaces, IT, computer network defense (CND), computer networking, and network security. (CDRL A002)
    Make analytical predictions about cyber actors and their future activities based on available data. Recognize threats by performing relevant research and data analysis using both internal and external tools and resources.
    Produce detailed intelligence analysis reports on cyber threats with a potential to impact AF networks, systems and enclaves. (CDRL A008)
    Present relevant findings to both technical and non‐technical audiences.
    Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.

    Requirements:
    DoDD 8570.01‐M/8140.01 IAT Level II CND
    Active TS/SCI
    Formal intelligence analysis training and government experience.
    BA/BS or MA/MS.
    Previous experience working with hunting tools and technologies.
    Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP).
    Experience with open source Malware Analysis platforms (Assemblyline, Cuckoo, Malboxes).
    Experience with one or more commercial Malware Analysis platforms (Joe Sandbox, VirusTotal, etc.).
    Knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects).

    • This position requires an active DoD Clearance (Secret, Top Secret, Top Secret/SCI) or the ability to obtain an interim clearance (Interim Secret, Interim Top Secret).
    • Because an active or interim DoD clearance is required, U.S. Citizenship is required.

    Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
    - Medical, dental & vision
    - Critical Illness, Accident, and Hospital
    - 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
    - Life Insurance (Voluntary Life & AD&D for the employee and dependents)
    - Short and long-term disability
    - Health Spending Account (HSA)
    - Transportation benefits
    - Employee Assistance Program
    - Time Off/Leave (PTO, Vacation or Sick Leave)
Please mention you found this employment opportunity on the CareersInGovernment.com Job Board.