Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime / fraud groups and both state and non-state sponsored threat actors.
Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize them to develop innovative techniques to detect threat actor activity.
Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
Ability to analyze the environment from a threat actor's perspective, including the skill to conduct prioritized identification of vulnerable assets, and then devise techniques to detect potential attack activity.
developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations on the organizations' interests.
Assists others who produce timely, fused, all-source cyber operations intelligence and / or indications and warnings intelligence products.
With limited oversight, provide timely notice of imminent or hostile intentions or activities which may impact the organizations' objectives, resources, or capabilities.
Support others who report intelligence-derived significant network events and intrusions. Support others who provide threat-related support during incident response operations to more effectively diagnose anomalous activity.