Title: Senior Cyber Threat Intelligence Analyst (CTIA) Personnel Qualifications Master's or Bachelor's degree in: Strategic Intelligence or International Securities Studies, Economics or Finance, Cyber Security, Computer Science, Telecommunications, Information Systems or Assurance, Securities Studies Capabilities Currently possess an in-scope valid/active National Security Top Secret/SCI level clearance. With master's degree, 12 years of experience applying intelligence tradecraft to write intelligence or derivative products (with at least 5 years of experience analyzing cyber threat strategic and anticipatory intelligence; some experience supporting and assessing emerging cyber threats for the U.S. Government or US financial institutions. With bachelor's degree 17 years of experience in the same areas. (Note: The position performs intelligence analysis, not threat hunting or response associated with security operations center) Applied experience with at least six of the following concepts: analytic tradecraft standards, cyber kill chain, diamond model, advanced persistent threat, cybercrime, hacktivism, cyber fraud, malware and ransomware, social engineering, incident response, threat intelligence, and host and network-based security. Advanced understanding of intelligence tools available on JWICS to maximize collation and analysis to provide relevant and timely intelligence to consumers. Demonstrates ability to work independently with minimal oversight and direction Demonstrates ability to collaborate and work with other IC members, established working groups or ad hoc multi-disciplined teams on information sharing and refining collections Solid teamwork skills, including the ability to collaborate with others who are conducting research in the same, similar, or different areas Experience in collating and assessing intelligence reports derived from multiple intelligence platforms and tools to identify relevant and timely intelligence Ability to vet, enrich, and maintain technical data, including indicators of compromise, shared from partner agencies and key stakeholders Demonstrates in-depth knowledge and understanding of advanced persistent threats, common vulnerabilities and exposures (CVE), ransomware as a service, as well as other cyber-related tactics, techniques, and procedures (TTPs). This includes understanding of Corporate and government technology (networks, hardware, software, operating systems, etc.) Cybersecurity tools / perspectives (defensive, investigative, analytical, risk, etc.) Demonstrates the ability to organize and prioritize complex time- dependent task flows (i.e., tracking and prioritizing issues and inquiries) Demonstrates competence in applying analytic tradecraft standards (ICD 203) in verbal or written finished intelligence, white papers, research studies and briefings that integrate intelligence community (IC) threat assessments and open-source reporting with proprietary Federal Reserve System (FRS) data to communicate complex relationships or impacts to FRS decision makers and stakeholders. Demonstrates ability to develop structured research to produce an integrated, timely, logical, and concise analytic reports, documents, assessments, studies, and briefing materials. Demonstrates the ability to integrate threat intelligence reports, open-source analysis, and department/agency level data into concise, insightful, and comprehensive analytic products to communicate the aggregated results to people who need to know the results (e.g., government decision-makers, security officials, senior corporate officials) Demonstrates capability in applying critical thought and detail to recognize nuances in cyber-related reporting and to resolve contradictions and inconsistencies in information Demonstrates forward thinking, e.g. "What would I do next if I were the attacker" Understanding of payment and settlement systems, money and financial markets Experience with continuing operations during emerging or ongoing events that may include a cyber of national level incident response. Certification in at least one of the following (or recognized equivalents): CISSP (Certified Information Systems Security Professional) Security+ ISSEP (Information Systems Security Engineering Professional) GIAC (Global Information Assurance Certification)
