Cyber Threat Intelligence Analyst

  • Location
    Pensacola, Florida
  • Sector
  • Experience
    Mid Career
  • Posted
    May 10

Position description

As the largest pure-play IT services provider serving the U.S. government sector, CSRA is where you can come to be successful. Join a collaborative team, solving customer issues and accessing an array of resources for your success. Take advantage of tremendous opportunities as you help us chart our path to industry leadership, and tap into our collective 90+ year heritage. With combined FY15 revenues of approximately $5.5 billion and nearly 19,000 employees, CSRA represents the coming together – figuratively and literally – of two outstanding companies: the North American Public Sector business of CSC and SRA. Join us and watch your career take flight.


CSRA is seeking an experienced Intelligence Analyst with quantifiable experience operating in the cyber domain to join a highly effective and collaborative SOC team of Vulnerability Analysts and Incident Handlers executing Dynamic Network Defense Operations in support of a national government partner. CSRA is seeking candidates capable of analyzing information and intelligence relevant to threats that present a risk to the systems, infrastructure, resources and business practices of the client. Ideal candidates are experienced in analyzing cyber threats and security intelligence and determining indicators of compromise, root causes of exploit, and collaborating with Incident handlers in determining corrective actions. Successful candidates will have a track record of successful relationship-building in the Intelligence Community, as well as a concrete grasp of legal, oversight, and disclosure issues related to the use of multi-source intelligence in support of a mission operating environment. A background in technical intelligence fields is a plus, such as Signals Intelligence, Electronic Warfare, or Information Warfare.

Essential Job Functions

  • Performs computer and/or network security threat assessments to identify, evaluate and mitigate security risks, and vulnerabilities. 
  • Designs, implements, integrates, configures and tests computer and network security solutions to manage the network/system's firewalls and intrusion detection systems.
  • Provides Root Cause Analysis, Trend Analysis, and Predictive Analysis support to Vulnerability Assessors and Incident Handlers in support of event response actions and persistent active monitoring efforts.
  • Coordinate with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to expand the capabilities of the organization
  • Provides communication and escalation to senior leadership and mission partners on completed intelligence efforts which will enable informed decision making.
  • Triage, process and analyze cyber threats originating from the various Intel feeds and analytics systems
  • Perform detailed analysis of threats during the incident process, combining sound analytical skills with advanced knowledge of IT security and network threats
  • Analyze cyber threat data and correlate with existing understanding of customer environments
  • Perform post event analysis on logs, traffic flows, and other activities to identify malicious activity
  • Reviewing weekly, monthly and on demand threat intelligence reports
  • Establishes and maintain open lines of communication with a wide range of data asset owners throughout the Intelligence Community (IC). 
  • Facilitate Analyst to Analyst Exchange relationships for members of the team throughout the IC.
  • Develops intelligence process to acquire, synthesize, and disseminate all-source Intelligence data to assist Incident Handlers in identifying and disrupting adversary cyber kill chain activities.
  • Maintains daily awareness of Threat Information/Intelligence germane to supported business operations through open source, government sector, and private sector intelligence sources.
  • Collaborates with Vulnerability Assessors and Incident Handlers, develop and deliver Risk Assessment Briefings, dashboard products, security tools tuning as required.
  • Participation in classified briefings that may help inform intelligence efforts and the ability to articulate assessments based on provided information
  • Prepares and deliver intelligence products for analysts, users, and mission partners on threat actors, TTPs, and vulnerabilities that hold client business practices at risk.
  • Advises and assist Incident Handlers on production of threat-specific IDS/IPS content.
  • Develop and implement an intelligence enabled Operational Security (OPSEC) Program to train the technical and non- technical user base on current threats and best practices to minimize risk to mission and personnel.
  • Designs and implements information assurance and security engineering systems with requirements of business continuity, operations security, cryptography, forensics, regulatory compliance, internal counter-espionage (insider threat detection and mitigation), physical security analysis (including facilities analysis, and security management). 
  • Assesses and mitigates system security threats and risks throughout the program life cycle. 
  • Validates system security requirements definition and analysis. 
  • Establishes system security designs. Implements security designs in hardware, software, data, and procedures. 
  • Verifies security requirements; performs system certification and accreditation planning and testing and liaison activities. 
  • Supports secure systems operations and maintenance.
  • Prepares intelligence assessments through intelligence gathering using multiple intelligence sources such as human intelligence (HUMINT), signals intelligence (SIGINT), geospatial intelligence (GEOINT), measurement and signal intelligence (MASINT), open source intelligence (OSINT) to support customers including military, intelligence, law enforcement or security agencies.
  • Processes information about situations and entities of strategic, operational or tactical importance; characterizes possible future actions and identifies possible courses of action or remedies.
  • Analyzes current intelligence holdings, identifies potential shortfalls, gaps and vulnerabilities to develop subsequent collection requirements. 
  • Develops specialized intelligence products, threat analyses, production support, and tailored intelligence products such as fusion intelligence, warning intelligence, estimative intelligence or psychological profiling. 
  • Develops moderately complex briefings, reports and short notice position papers; reviews, approves and compiles reports, overseeing submission of documentation to relevant databases, mining those databases as needed and as identified to further compile and analyze information, presents briefings to key personnel. 
  • Collaborates and supports broader security project teams.
  • Oversees the processing of incoming reports and messages, determining significance and reliability of incoming information. Integrates incoming intelligence and operational information to maintain situation awareness displays. Identifies issues and concerns and escalates as appropriate.
  • Develops periodic and special intelligence reports, plans and briefings. Recommends changes, and where appropriate, courses of action.
  • Augment the security operations team with 24/7 intelligence support and planning, as required, to maintain a high level of mission readiness and network availability.


  • BS or equivalent + 5 yrs related experience, or MS + 3 yrs related experience
  • Bachelor's degree in international relations, political science, intelligence studies, psychology or related field preferred or 8+ years of intelligence experience, or equivalent combination of education and experience
  • Possess TS/SCI clearance with current investigation
  • Graduate of an intelligence training school or equivalent
  • Experience working with specialized specific intelligence sources such as human intelligence (HUMINT), signals intelligence (SIGINT), geospatial intelligence (GEOINT), measurement and signal intelligence (MASINT), open source intelligence (OSINT); preferred level of expertise that includes section or team lead of intelligence missions
  • Experience working with intelligence organizations, preferred experience with foreign partners and national level agencies
  • Experience working with intelligence processes, policies and procedures
  • Experience working with multiple intelligence sources, databases, and content management
  • Interpersonal skills to interact with a wide variety of experienced customers and team members
  • Communication skills to interact with team members and support personnel
  • Analytical and problem solving skills for investigating security issues
  • Ability to work with intelligence databases and related tools
  • Ability to work independently with limited supervision and take the initiative to enable continuous process improvement
  • Ability to perform in a team environment and a strong desire to learn
  • Active interest in cyber security, incident detection, network and systems security
  • Familiarity with cyber-crime and cyber-attacks, responsible groups, motivations and techniques
  • Ability to prepare and present research findings across multiple levels of consumers (Executive to Analyst)
  • Motivated, detail-oriented, individual who can demonstrate proactive analytical skills and work professionally with peers and customers within a demanding mission environments
  • Willingness to travel

Desired Experience and Qualifications

  • 3+ years working in IT security and/or cyber security/threat intelligence job, preferably a 24x7 operational environment.
  • Experience/exposure to IT service management best practices (ITIL)
  • DoD 8570 standards (A+, Net+, Sec+)
  • CISSP, CEH, GCIH certifications
  • SIEM exposure (Splunk preferred)

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Application instructions

*Please be sure to indicate that you saw this position on*

follow us on Twitter