Tyto Athene, LLC

Cyber Threat Intelligence Analyst

Tyto Athene, LLC, Washington, District of Columbia, US, 20022


Overview

Tyto Athene is searching for a Cyber Threat Intelligence Analyst to support multiple cybersecurity workstreams within the Department of Health and Human Services (HHS). The individual will contribute to research, analysis, and operational support activities as part of HHS’s Cybersecurity Operations (CSO) division. The role is instrumental in assisting with the development, review, and management of cybersecurity initiatives and projects aimed at protecting HHS and its partners in the Healthcare and Public Health (HPH) sector. This position requires a foundation in cybersecurity concepts, proficiency in research methodologies, and familiarity with both open and closed intelligence sources. The analyst will work closely with senior cybersecurity professionals to enhance HHS’s capabilities in identifying and mitigating threats, as well as in maintaining strong relationships with key stakeholders and partners.

Responsibilities

- Support a full Cybersecurity Threat Intelligence lifecycle
- Collect open source, classified, and internal intelligence artifacts from investigations for actionable mitigation and technical control recommendations
- Apply intelligence reporting and knowledge of the security network toward the discovery of suspicious activity and to prevent and/or detect future incidents
- Support standardization of threat responses
- Deliver concise weekly strategic and tactical intelligence reports
- Assess and outline the implications of reports to the client
- Support process improvement of the current cyber threat program and alignment with the strategic program

Threat Intelligence Collection and Analysis

- Conduct exhaustive reviews of open-source cybersecurity reporting, including industry blogs, security forums, and public vulnerability databases
- Access and analyze closed-source reporting from trusted partners and paid threat intelligence services, including tools like Intel 471 and Mandiant
- Implement automated tools for continuous monitoring of threat landscapes, including the dark web, hacking forums, and other relevant sources
- Prioritize intelligence gathering on threats specifically targeting HHS systems

Threat Actor Profiling

- Assist in the development and maintenance of comprehensive threat actor profiles, detailing motivations, capabilities, historical activities, and preferred tactics
- Conduct link analysis to identify connections between different threat actors and campaigns

Product Development

- Develop cybersecurity products such as white papers, analyst notes, and legislative analysis reports to support internal decision-making and inform the broader HPH sector
- Support the creation of tailored threat briefings for various audiences, including technical teams and executive leadership, ensuring stakeholders understand key threats and their impact

Classified and Specialized Research

- Maintain proficiency in specialized Intelligence Community (IC) tools such as Intelink, Lucky, OSE, Pulse, TAC, and Wire
- Assist in the integration of classified information with unclassified data to enhance threat intelligence analysis
- Conduct classified research and prepare intelligence reports for audiences with varying levels of security clearance (up to TS/SCI)

Information Sharing and Relationship Building

- Develop relationships with classified information custodians across HHS to facilitate information sharing
- Engage with external cybersecurity organizations to facilitate the exchange of information
- Participate in classified briefings and contribute to information sharing initiatives aimed at enhancing collective cybersecurity defenses

Support Threat Briefings

- Develop and deliver threat briefings that cater to both technical and non-technical audiences
- Assist in the development of detailed threat landscape reports and intelligence summaries for leadership, using qualitative and quantitative analysis

Collaboration and Stakeholder Engagement

- Assist in building relationships with internal and external cybersecurity stakeholders, including industry partners
- Support efforts to enhance the sharing of threat intelligence and ensure the HHS Cybersecurity Operations team remains informed on emerging threats and vulnerabilities

Required qualifications

- Bachelor's degree and 4 years of experience
- CompTIA Security+, or Certified Ethical Hacker (CEH), or GIAC Cyber Threat Intelligence (GCTI)
- Strong knowledge related to the current state of cyber adversary tools, techniques, and tactics
- Broad understanding of network architecture and network security methods, including capabilities and limitations
- Experience with basic malware analysis
- Strong analytical skills and the ability to effectively research, write, communicate, and brief varying levels of audiences to include the executive level
- Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses is a plus
- Knowledge of the TCP/IP networking stack and network IDS technologies is a plus

Location

This is a hybrid role with expectations of being on the client site at times in Washington, DC

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

IT Services and IT Consulting
