Cyber Insider Threat Analyst 3
- Req. Number: IRC143761
- Organization : OCI-FVA
- City, State: Los Alamos, New Mexico
- Salary: $117,200 - $195,400
What You Will Do
Are you an insider threat professional? Are you interested in joining a dedicated team of counterintelligence and insider threat professionals helping to safeguard Los Alamos National Laboratory (LANL)? If you answered "Yes" to these questions, we invite you to learn more about our opening for a Cyber Insider Threat Analyst 3. The seasoned Cyber Insider Threat (CIT) Analyst assists in conducting counterintelligence and CIT analysis to assess threats to LANL and national security posed by covert or overt activities of LANL personnel or foreign entities, domestic violent extremists, and international terrorists. The CIT Analyst also provides a range of analytical products and support, including contributing unique insight to multiple members of the US Intelligence Community (USIC) and other government agencies. Local analytical efforts support national counterintelligence and insider threat goals and objectives as directed by the LANL Foreign Immigration, Visits and Analysis (FVA) Group Leader and Office of Counterintelligence (OCI) Director.
In this position, the incumbent will evaluate technical cyber intelligence and complex structured and unstructured data to identify foreign and domestic cyber threats targeting DOE personnel, technologies, and networks; provide cyber expertise on CI and CIT investigations and operations with a particular emphasis on digital forensics; and draft/finalize reports of findings of CIT concern. The individual will review classified and unclassified reporting, correlate with local and Cyber Intelligence/Insider Threat Center data and identify indicators of foreign or domestic targeting or activity. They will also support the development and application of cyber tools and best practices to strengthen the counterintelligence and insider threat mission. Analyze classified and unclassified information technology systems to identify vulnerabilities and intrusion indicators of CI and IT concern; Collaborate and share information with Los Alamos National Laboratory cyber security teams, inter-agency partners, OCI components, the LANL Field Intelligence Element (FIE), and with other LANL personnel as appropriate will be expected in this role; Collect, triage, and conduct forensic examinations of digital media in accordance with forensic best practices.
What You Need
Minimum Job Requirements:
Cyber CI or Cyber Insider Threat Experience
The successful candidate will possess extensive cyber insider threat experience and familiarity with relevant insider threat community policy (e.g., EO 13587, DOE O 470.5A) and an understanding of cyber insider threat indicators, organizations, and roles.
Advanced Persistent Threat
Advanced technical knowledge of classic and contemporary cyber threats and vulnerabilities with demonstrated ability to apply that knowledge to system engineering, analytics, or operations.
Forensics
Demonstrated experience with network system forensics, packet capture analysis and enterprise level incident response and host forensics.
Information Technology
For this role you will need to have advanced knowledge of Windows and Linux workstation/server management. Advanced knowledge of and demonstrated experience with all aspects of current network technology including network protocols, network infrastructure elements, and network applications, services and related protocols. Demonstrated advanced knowledge of distributed systems, including system architectures, computer networks, and software.
Briefings/Presentations
A competitive candidate will possess demonstrated experience presenting intelligence/insider threat briefings to decision makers at all levels.
Interpersonal Skills
One must be able to foster teamwork and interact professionally across LANL, with DOE IN and other DOE Counterintelligence and Insider Threat Field Offices, and with liaison partners. One must also be able and willing to represent OCI on various working groups and have strong literary skills and clarity of speech.
Education/Experience:
Position typically requires a bachelor's degree and a minimum of eight years of related experience, or an equivalent combination of education and experience. At this level, postgraduate course work may be desirable.
Desired Qualifications:
DOE Insider Threat
Familiarity with the DOE Insider Threat Program and possession of insider threat professional certifications are a plus. Upon joining OCI, a successful candidate not already certified as an insider threat professional must acquire certification as soon as feasible.
DOE Counterintelligence
Familiarity with the DOE Counterintelligence/Counterterrorism Program and knowledge of foreign intelligence service methods and of non-traditional foreign intelligence collection are also preferred.
US Intelligence Community Experience
Extensive US intelligence community experience and familiarity with seminal intelligence community policy (e.g., EO 12333, PDD 61) and an understanding of US intelligence and counterintelligence organizations and roles is also preferred.
Classification
Derivative classifier certification is a bonus. Upon joining OCI, a candidate not previously certified as a derivative classifier must acquire certification as soon as feasible.
Language
Proficiency in a critical foreign language is advantageous.
Clearance
Possession of an active Q clearance and SCI accesses and/or the ability to obtain those clearances expeditiously upon hire are preferred.
Work Location: The work location for this position is onsite and located in Los Alamos, NM. All work locations are at the discretion of management.
Position commitment: Regular appointment employees are required to serve a period of continuous service in their current position in order to be eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the time required, they may only apply for Laboratory jobs with the documented approval of their Division Leader. The position commitment for this position is 1 year.
Note to Applicants:
With your application and résumé, please include a cover letter detailing how you meet each of the required skills for the position and, upon completion of the interview, be prepared to provide a writing sample. Although the position will not ordinarily require extensive travel, the successful candidate must be able to travel domestically on occasion to accommodate training or operational needs.
Due to federal restrictions contained in the current National Defense Authorization Act, citizens of the People's Republic of China-including the special administrative regions of Hong Kong and Macau-as well as citizens of the Islamic Republic of Iran, the Democratic People's Republic of Korea (North Korea), and the Russian Federation, who are not Lawful Permanent Residents ("green card" holders) are prohibited from accessing facilities that support the mission, functions, and operations of national security laboratories and nuclear weapons production facilities, which includes Los Alamos National Laboratory.
Where You Will Work
Located in beautiful northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. Our generous benefits package includes:
§ PPO or High Deductible medical insurance with the same large nationwide network
§ Dental and vision insurance
§ Free basic life and disability insurance
§ Paid childbirth and parental leave
§ Award-winning 401(k) (6% matching plus 3.5% annually)
§ Learning opportunities and tuition assistance
§ Flexible schedules and time off (PTO and holidays)
§ Onsite gyms and wellness programs
§ Extensive relocation packages (outside a 50 mile radius)
Additional Details
Directive 206.2 - Employment with Triad requires a favorable decision by NNSA indicating employee is suitable under NNSA Supplemental Directive 206.2. Please note that this requirement applies only to citizens of the United States. Foreign nationals are subject to a similar requirement under DOE Order 142.3A.
Clearance: Q/SCI (Position will be cleared to this level). Selected applicants will be subject to a background investigation conducted by or on behalf of the Federal Government, and must meet eligibility requirements* for access to classified matter. This position requires a Q clearance, and obtaining such clearance requires US Citizenship except in extremely rare circumstances. Dependent upon the position, additional authorization to access classified information may be required, which may or may not be available to dual citizens. Receipt of a Q clearance and additional access authorization ultimately is a decision of the Federal Government and not of Triad.
*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing. Although New Mexico and other states have legalized the use of marijuana, use and possession of marijuana remain illegal under federal law. A positive drug test for marijuana will result in termination of employment, even if the use was pre-offer.
Regular position: Term status Laboratory employees applying for regular-status positions are converted to regular status.
Internal Applicants: Regular appointment employees who have served the required period of continuous service in their current position are eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the required period of continuous service, they may only apply for Laboratory jobs with the documented approval of their Division Leader. Please refer to Policy Policy P701 for applicant eligibility requirements.
Equal Opportunity: Los Alamos National Laboratory is an equal opportunity employer. All employment practices are based on qualification and merit, without regard to protected categories such as race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal, state, and local laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to applyhelp@lanl.gov or call (505)-664-6947.
Are you an insider threat professional? Are you interested in joining a dedicated team of counterintelligence and insider threat professionals helping to safeguard Los Alamos National Laboratory (LANL)? If you answered "Yes" to these questions, we invite you to learn more about our opening for a Cyber Insider Threat Analyst 3. The seasoned Cyber Insider Threat (CIT) Analyst assists in conducting counterintelligence and CIT analysis to assess threats to LANL and national security posed by covert or overt activities of LANL personnel or foreign entities, domestic violent extremists, and international terrorists. The CIT Analyst also provides a range of analytical products and support, including contributing unique insight to multiple members of the US Intelligence Community (USIC) and other government agencies. Local analytical efforts support national counterintelligence and insider threat goals and objectives as directed by the LANL Foreign Immigration, Visits and Analysis (FVA) Group Leader and Office of Counterintelligence (OCI) Director.
In this position, the incumbent will evaluate technical cyber intelligence and complex structured and unstructured data to identify foreign and domestic cyber threats targeting DOE personnel, technologies, and networks; provide cyber expertise on CI and CIT investigations and operations with a particular emphasis on digital forensics; and draft/finalize reports of findings of CIT concern. The individual will review classified and unclassified reporting, correlate with local and Cyber Intelligence/Insider Threat Center data and identify indicators of foreign or domestic targeting or activity. They will also support the development and application of cyber tools and best practices to strengthen the counterintelligence and insider threat mission. Analyze classified and unclassified information technology systems to identify vulnerabilities and intrusion indicators of CI and IT concern; Collaborate and share information with Los Alamos National Laboratory cyber security teams, inter-agency partners, OCI components, the LANL Field Intelligence Element (FIE), and with other LANL personnel as appropriate will be expected in this role; Collect, triage, and conduct forensic examinations of digital media in accordance with forensic best practices.
What You Need
Minimum Job Requirements:
Cyber CI or Cyber Insider Threat Experience
The successful candidate will possess extensive cyber insider threat experience and familiarity with relevant insider threat community policy (e.g., EO 13587, DOE O 470.5A) and an understanding of cyber insider threat indicators, organizations, and roles.
Advanced Persistent Threat
Advanced technical knowledge of classic and contemporary cyber threats and vulnerabilities with demonstrated ability to apply that knowledge to system engineering, analytics, or operations.
Forensics
Demonstrated experience with network system forensics, packet capture analysis and enterprise level incident response and host forensics.
Information Technology
For this role you will need to have advanced knowledge of Windows and Linux workstation/server management. Advanced knowledge of and demonstrated experience with all aspects of current network technology including network protocols, network infrastructure elements, and network applications, services and related protocols. Demonstrated advanced knowledge of distributed systems, including system architectures, computer networks, and software.
Briefings/Presentations
A competitive candidate will possess demonstrated experience presenting intelligence/insider threat briefings to decision makers at all levels.
Interpersonal Skills
One must be able to foster teamwork and interact professionally across LANL, with DOE IN and other DOE Counterintelligence and Insider Threat Field Offices, and with liaison partners. One must also be able and willing to represent OCI on various working groups and have strong literary skills and clarity of speech.
Education/Experience:
Position typically requires a bachelor's degree and a minimum of eight years of related experience, or an equivalent combination of education and experience. At this level, postgraduate course work may be desirable.
Desired Qualifications:
DOE Insider Threat
Familiarity with the DOE Insider Threat Program and possession of insider threat professional certifications are a plus. Upon joining OCI, a successful candidate not already certified as an insider threat professional must acquire certification as soon as feasible.
DOE Counterintelligence
Familiarity with the DOE Counterintelligence/Counterterrorism Program and knowledge of foreign intelligence service methods and of non-traditional foreign intelligence collection are also preferred.
US Intelligence Community Experience
Extensive US intelligence community experience and familiarity with seminal intelligence community policy (e.g., EO 12333, PDD 61) and an understanding of US intelligence and counterintelligence organizations and roles is also preferred.
Classification
Derivative classifier certification is a bonus. Upon joining OCI, a candidate not previously certified as a derivative classifier must acquire certification as soon as feasible.
Language
Proficiency in a critical foreign language is advantageous.
Clearance
Possession of an active Q clearance and SCI accesses and/or the ability to obtain those clearances expeditiously upon hire are preferred.
Work Location: The work location for this position is onsite and located in Los Alamos, NM. All work locations are at the discretion of management.
Position commitment: Regular appointment employees are required to serve a period of continuous service in their current position in order to be eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the time required, they may only apply for Laboratory jobs with the documented approval of their Division Leader. The position commitment for this position is 1 year.
Note to Applicants:
With your application and résumé, please include a cover letter detailing how you meet each of the required skills for the position and, upon completion of the interview, be prepared to provide a writing sample. Although the position will not ordinarily require extensive travel, the successful candidate must be able to travel domestically on occasion to accommodate training or operational needs.
Due to federal restrictions contained in the current National Defense Authorization Act, citizens of the People's Republic of China-including the special administrative regions of Hong Kong and Macau-as well as citizens of the Islamic Republic of Iran, the Democratic People's Republic of Korea (North Korea), and the Russian Federation, who are not Lawful Permanent Residents ("green card" holders) are prohibited from accessing facilities that support the mission, functions, and operations of national security laboratories and nuclear weapons production facilities, which includes Los Alamos National Laboratory.
Where You Will Work
Located in beautiful northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. Our generous benefits package includes:
§ PPO or High Deductible medical insurance with the same large nationwide network
§ Dental and vision insurance
§ Free basic life and disability insurance
§ Paid childbirth and parental leave
§ Award-winning 401(k) (6% matching plus 3.5% annually)
§ Learning opportunities and tuition assistance
§ Flexible schedules and time off (PTO and holidays)
§ Onsite gyms and wellness programs
§ Extensive relocation packages (outside a 50 mile radius)
Additional Details
Directive 206.2 - Employment with Triad requires a favorable decision by NNSA indicating employee is suitable under NNSA Supplemental Directive 206.2. Please note that this requirement applies only to citizens of the United States. Foreign nationals are subject to a similar requirement under DOE Order 142.3A.
Clearance: Q/SCI (Position will be cleared to this level). Selected applicants will be subject to a background investigation conducted by or on behalf of the Federal Government, and must meet eligibility requirements* for access to classified matter. This position requires a Q clearance, and obtaining such clearance requires US Citizenship except in extremely rare circumstances. Dependent upon the position, additional authorization to access classified information may be required, which may or may not be available to dual citizens. Receipt of a Q clearance and additional access authorization ultimately is a decision of the Federal Government and not of Triad.
*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing. Although New Mexico and other states have legalized the use of marijuana, use and possession of marijuana remain illegal under federal law. A positive drug test for marijuana will result in termination of employment, even if the use was pre-offer.
Regular position: Term status Laboratory employees applying for regular-status positions are converted to regular status.
Internal Applicants: Regular appointment employees who have served the required period of continuous service in their current position are eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the required period of continuous service, they may only apply for Laboratory jobs with the documented approval of their Division Leader. Please refer to Policy Policy P701 for applicant eligibility requirements.
Equal Opportunity: Los Alamos National Laboratory is an equal opportunity employer. All employment practices are based on qualification and merit, without regard to protected categories such as race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal, state, and local laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to applyhelp@lanl.gov or call (505)-664-6947.
