What are the responsibilities and job description for the Cyber Threat Analysis Support position at BTAS?
Position: Cyber Threat Analysis Support
Location: Scott AFB, IL
Security Clearance Required: Top Secret with SCI eligibility
Position Type/Standard Work Hours: Full-time/40 hours per week/On-site
Summary/Objective:
The Cyber Threat Analysis Support role supports the United States Transportation Command (USTRANSCOM) Cyberspaces Operations Forces (COF), located at Scott Air Force Base (AFB), IL.
The COF’s mission is to provide Department of Defense Information Network (DODIN) Operations, defensive cyber operations-internal defensive measures, and overall cyberspace operations in support of USTRANSCOM network systems and missions. COF provides mission-tailored, joint capability packages to Combatant Commanders to facilitate rapid establishment of Joint Force Headquarters, fulfill Global Response Force execution and bridge joint operational requirements.
This role will execute cyber threat analysis processes and procedures IAW DoD policy and USTRANSCOM Government direction. Its mission essential/critical task is to provide cyber threat analysis and escalation support to USTRANSCOM’s CSSP and Defensive Cyber Operations (DCO) missions.
Primary Responsibilities:
Cyber Threat Analysis Support:
In support of the CSSP mission, perform threat analysis to support DoDIN operations for protection and defense of USTRANSCOM information systems and networks by collecting, analyzing, and reporting on security events that affect the operation of USTRANSCOM information systems that are hosted within USTRANSCOM’s and CSSP subscriber enclaves, and for systems hosted elsewhere for which USTRANSCOM is the Authorizing Official (AO). This includes, but is not limited to, the following:
- Gather information on cybersecurity events within USTRANSCOM’s mission environment.
- Perform analysis and correlation on cybersecurity events.
- Collaborate with other cyber defense organizations (including but not limited to TCCs; Combatant Commands; Services and Agencies; Federal, regional, and local law enforcement agencies; National Intelligence organizations; and organizations identified via local monitoring capabilities).
- Collaborate with USTRANSCOM’s intelligence community and cyber operational forces.
- Maintain an awareness of active cyber threat actors and associated threat sets.
- Predict trends in cyber threat activity relative to the CSSP mission.
- Highlight potential effects to system performance and mission capabilities.
- Receive and process warning intelligence information from approved sources including but not limited to Defense Intelligence Agency, National Security Agency, counterpart CSSPs and open-source activities, maintaining source location information.
- Develop and distribute cyber threat awareness products (e.g., briefs, information papers, threat tippers), as required and requested.
- Develop and present a weekly cyber threat briefing for CSSP leadership.
- Develop monthly cyber alerts for USTRANSCOM and TCCs.
- Host and present at bi-weekly cyber threat sharing sessions for CSSP members, subscribers, and partner organizations.
Cyber Situational Awareness and Collaboration:
In support of USTRANSCOM’s cyber defense mission, collect, analyze, and report security events that affect the operation of USTRANSCOM’s mission environment and identified KT-C. This includes, but is not limited to, the following:
- Gather information on cybersecurity events within USTRANSCOM’s mission environment.
- Perform analysis and correlation on cybersecurity events relative to the cyber defense mission.
- Collaborate with other cyber defense organizations (including but not limited to USCYBERCOM, JFHQ DoDIN, TCCs; Combatant Commands; CO-IPE; Services and Agencies; federal, regional, and local law enforcement agencies; Intelligence organizations; and organizations identified via local monitoring capabilities) as needed to maintain situational awareness.
- Collaborate with the USTRANSCOM CPTs.
- Maintain an awareness of active cyber threat actors and associated threat sets.
- Predict trends in cyber threat activity relative to USTRANSCOM operations or interests.
- Develop cyber threat awareness products (e.g., briefs, cyber alerts, reports, tippers).
- Prepare/present cyber threat briefings to varied audiences as requested.
- Highlight potential effects to system performance and mission capabilities.
Cyber Threat Metrics and Process/Procedure Documentation:
Collect and provide the Government with monthly metrics on cyber threat analysis activity. The metrics will include, but are not limited to:
- List and description of cyber threat analysis products generated/distributed (e.g., tippers, email alerts, information papers).
Maintain current documentation on cyber threat analysis processes and procedures and provide the following deliverable documents to the government IAW the assigned suspense dates.
- USTRANSCOM Intel/AS&W Receipt SOP & associated checklists.
- USTRANSCOM Intel/AS&W Analysis SOP & associated checklists.
- USTRANSCOM Intel/AS&W Product Generation SOP & associated checklists.
- USTRANSCOM Intel/AS&W Distribution SOP & associated checklists.
Required Education and/or Experience:
(Journeyman)
- Five or more years of relevant Cybersecurity Technician experience.
- IAT-II Baseline Certification: Sec CE.
- CSSP Analyst and CSSP Incident Responder Certification** (within 6 months of hire date).
** CYSA covers the requirement.
Supervisory Responsibilities:
This position does not supervise the work of others.
Work Environment:
This job operates in a professional office environment. This role routinely uses standard office equipment.
Physical Demands:
Must be able to operate a computer and other standard office equipment.
Travel:
Very little.
Other Duties:
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and/or activities may change at any time with or without notice.
BTAS Benefits:
A comprehensive benefits program, including paid time off, federal holidays, health coverage, and a 401K plan with generous company match, is offered to all full-time employees.
AAP / EEO Statement:
BTAS is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
BTAS is an E-Verify program participant.