Cyber Insider Threat Analyst

What You Will Do

Are you an insider threat professional? Are you interested in joining a dedicated team of counterintelligence and insider threat professionals helping to safeguard Los Alamos National Laboratory (LANL)? If you answered "Yes" to these questions, we invite you to learn more about our opening for a Cyber Insider Threat Analyst 3.

The seasoned Cyber Insider Threat (CIT) Analyst assists in conducting counterintelligence and CIT analysis to assess threats to LANL and national security posed by covert or overt activities of LANL personnel or foreign entities, domestic violent extremists, and international terrorists. The CIT Analyst also provides a range of analytical products and support, including contributing unique insight to multiple members of the US Intelligence Community (USIC) and other government agencies.

Local analytical efforts support national counterintelligence and insider threat goals and objectives as directed by the LANL Foreign Immigration, Visits and Analysis (FVA) Group Leader and Office of Counterintelligence (OCI) Director.

In this position, the incumbent will evaluate technical cyber intelligence and complex structured and unstructured data to identify foreign and domestic cyber threats targeting DOE personnel, technologies, and networks; provide cyber expertise on CI and CIT investigations and operations with a particular emphasis on digital forensics; and draft/finalize reports of findings of CIT concern. The individual will review classified and unclassified reporting, correlate with local and Cyber Intelligence/Insider Threat Center data and identify indicators of foreign or domestic targeting or activity.

They will also support the development and application of cyber tools and best practices to strengthen the counterintelligence and insider threat mission.

Analyze classified and unclassified information technology systems to identify vulnerabilities and intrusion indicators of CI and IT concern; collaborate and share information with Los Alamos National Laboratory cyber security teams, inter-agency partners, OCI components, the LANL Field Intelligence Element (FIE), and with other LANL personnel as appropriate will be expected in this role; collect, triage, and conduct forensic examinations of digital media in accordance with forensic best practices.

The successful candidate will possess extensive cyber insider threat experience and familiarity with relevant insider threat community policy (e.g., EO 13587, DOE O 470.5A) and an understanding of cyber insider threat indicators, organizations, and roles.

Advanced technical knowledge of classic and contemporary cyber threats and vulnerabilities with demonstrated ability to apply that knowledge to system engineering, analytics, or operations.

Demonstrated experience with network system forensics, packet capture analysis and enterprise level incident response and host forensics.

For this role you will need to have advanced knowledge of Windows and Linux workstation/server management. Advanced knowledge of and demonstrated experience with all aspects of current network technology including network protocols, network infrastructure elements, and network applications, services and related protocols. Demonstrated advanced knowledge of distributed systems, including system architectures, computer networks, and software.

A competitive candidate will possess demonstrated experience presenting intelligence/insider threat briefings to decision makers at all levels.

One must be able to foster teamwork and interact professionally across LANL, with DOE IN and other DOE Counterintelligence and Insider Threat Field Offices, and with liaison partners. One must also be able and willing to represent OCI on various working groups and have strong literary skills and clarity of speech.

Position typically requires a bachelor's degree and a minimum of eight years of related experience, or an equivalent combination of education and…