Intelligence Specialist III

• Focuses on how intelligence is collected rather than on the foreign intelligence issue itself.
• Evaluates which systems produce the most valuable and relevant information and identifies collection gaps.
• Documents the government or military's intelligence information needs and collection methods and communicates them to other intelligence collector organizations.
• Advises senior decision makers on the application of assets, technical solutions, formulation of intelligence policy, and allocation of resources to affect the collection against the nation's foreign intelligence requirements.
• Provides support in areas such as Human Source Intelligence (HUMINT), Counterintelligence Criminal Analysis, and Open-Source Intelligence, including collection management, analysis, and tasking.
• Applies expertise in counter terrorism, subversion, sabotage, and espionage threats posed by various entities within the area of operations; as well as familiarity with threat analysis, operations, and related systems, such as the Migration Defense Intelligence Threat Data System (MDITDS), Intelligence Information Report (IIR) production, Virtual Counterintelligence/Human Intelligence Analysis and Processing System (VCHAPS).
• In carrying out these tasks, drafts memoranda and reports, works with sophisticated databases and computer systems, and participates in diverse committees and working groups.

• TS/SCI with polygraph
• 2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response

• Individual should meet DODM 8570.01 IAT Level III position requirement

• Bachelor's degree or higher in Computer Science, Software Engineering, or Computer Engineering from an accredited college or university and 6 years of experience in the degree fields OR
• Global Information Assurance Certification (GIAC), Certified Forensics Analyst (GCFA) Certification or GIAC, Certified Intrusion Analyst (GCIA) Certification with 10 years of experience in both Host analysis and

• 12 years of experience in Offensive Cyber Operations as an Interactive Operator on-Network (ION) or Exploitation Analyst (EA)

• Correlation of data from multiple sources, including host, network, user, and intelligence reports to uncover threats
• Collection, aggregation, and interpretation of log data from various sources
• Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma
• Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner
• Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies
• Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training
• Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions

Peraton