All Source Analyst (Insider Threat) - Expert

Job Title: All-Source Analyst - Expert

Location: Quantico, VA

Security Clearance Required: Top Secret (TS) with SCI

Job Description

Preting is seeking exceptionally qualified individuals to serve as All Source Analysts to support the Defense Counterintelligence Security Agency (DCSA) at the Department of Defense Insider Threat Management Analysis Center (DITMAC). The All-Source Analyst will support analytic and operational activities to assemble, correlate, evaluate, and assess information concerning counterintelligence, security, human capital, and information assurance related insider threats against DCSA personnel, programs, information systems, and/or facilities.

Job Responsibilities

• Produce innovative, all-source Insider Threat-related products for a broad set of customers, including those in the DoD, intelligence, security and law enforcement communities and other senior audiences
• Aggregate, analyze, and evaluate all available Insider Threat government and open-source information to assist in the evaluation of potential risk as it relates to Insider Threat
• Extract and organize statistical data to support the building of both quantitative and qualitative metrics products, summaries, case studies and trend products
• Plan and conduct thorough research using all available Insider Threat tools and data sources to discover the information necessary to support analysis
• Assist in the preparation and production of risk warning and situational awareness products related to Insider Threat issues
• Provide editing and quality control of Insider Threat products communicating recommendations orally and in writing
• Evaluate and identify policy gaps in existing systems
• Propose and define new User Activity Monitoring (UAM) policy triggers, perform functional testing of proposed and modified policy triggers prior to implementation and final government approval, and prepare policy trigger implementation plan and impact assessment
• Perform configuration management activities to ensure compliance with asset management and continuous monitoring policy requirements
• Prepare, write, and present reports and briefings as required
• Perform event analysis by examining network traffic data and Host Based Security Systems’ audit data, SIEM data, and any other technical feeds received from Agency security tools
• Capture human behaviors such as policy violations, compliance incidents, and malicious acts at the endpoint that can service as warning signs leading up to a breach

Required Qualifications

• Active Top Secret (TS) with SCI security clearance.
• Must have at least eight (8) years of relevant experience (with at least a portion of that experience within the last two (2) years).
• Demonstrated experience analyzing User Activity Monitoring (UAM) data sets and audit tools
• In-depth understanding of the UAM tool to include policy implementation and writing as well as in-depth knowledge with policy tuning and system impacts based on policy changes
• Familiarity with Foreign Intelligence Entity (FIE) and non-state entity use of technology to target, collect, and exploit DOD information and information systems, personnel, and operations.
• Ability to identify intelligence gaps, specify data collection requirements to fill gaps in information, and evaluate resulting intelligence requirements
• Ability to present analysis and threat assessments to the Government.
• Demonstrated experience understanding of the intelligence cycle and architecture, to include planning, collection, research, analysis, and production.
• Demonstrated proficiency in the use of all source analysis and the proper use of advanced analytic tools (e.g., Analyst Notebook).
• Experience providing support to the DCSA Insider Threat mission while conducting in-depth analysis of intelligence data received from various data sources
• Experience providing support and expertise to a Government or Contractor Insider Threat program
• Experience in Personnel Security, Threat Assessment/Threat Management or Counterintelligence supporting the Insider Threat mission.
• Experience in concepts, principles, practices, and techniques associated with threat assessment/threat management, counterintelligence and law enforcement and knowledge of the organization of the security and counterintelligence communities, including their capabilities and jurisdictions and significant experience with collaboration and information sharing within and across the Federal Government, Intelligence, Counterintelligence, Law Enforcement and Security communities.
• Demonstrated experience with Insider Threat risk assessments and presenting those findings to a variety of audiences, to include senior decision makers.
• Have written and oral communication skills including demonstrated negotiation/collaboration skills required as documented through a variety of experiences briefing and presenting issues at the General/Flag Officer/SES level.
• Knowledge and demonstrated use of research and analytical techniques as applied to difficult and complex assignments in security, law enforcement, and counterintelligence analysis
• Possess understanding of intelligence collection capabilities and limitations, to include but not limited to, technical sensors/ platforms and human intelligence sources related to the labor category.
• Proficiency using Microsoft Office tools.
• Knowledge and training in structured professional judgement tools such as WAVR-21 is preferred.
• Demonstrates ability to work semi-independently with oversight and direction.
• The physical demands described below are representative of those that may need to be met by an employee to successfully perform the essential functions of this position:
  • While performing the duties of this job, the employee is regularly required to sit and talk or listen.
  • The employee is frequently required to walk; use hand to handle or feel and reach with hands and arms.
  • The employee is occasionally required to stand and may occasionally lift and/or move up to 30 pounds.
  • The employee must successfully complete all medical examinations required by the client, including for any temporary duty or full-time deployment as required.

Desired Qualifications

• Preferred to have a Bachelor’s Degree in a related field of study.

Cherokee Preting is an Equal Opportunity Employer. All qualified applicants are granted the same consideration for employment regardless of race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or any other federally protected class.