Conducts analysis using intelligence and information from multiple sources to assess, interpret, forecast, and explain a range of national security issues and developments that are regional or functional in nature. Provides all-source analytic support to collections, operations, investigations, and other defense intelligence analytic requirements. Provides all-source analysis to include: research, evaluation, and deconfliction of single-source classified reporting, technical intrusion information, other agency all-source finished intelligence, open-source information, and other relevant data. Categorizes and characterizes cyber threats and malware to help identify trends and changes in the activities of the cyber adversaries. Adheres to Office of the Director of National Intelligence (ODNI) and Defense Intelligence Agency (DIA) all-source analytic tradecraft and standards. Establishes and maintains communications with counterparts in the Intelligence Community, the USCYBERCOM service components, other combatant commands, Cyber National Mission Force, Department of Homeland Security/NCSD, CERTS, and Information Assurance Centers to collaborate on analysis and identify changes in the environment. (This is done only at the direction of USCYBERCOM leadership and in accordance with the guidance of government sponsors within assigned division). Maintains cognizance of events occurring both within the U.S. government systems and internationally as directed to identify possible relationships to established knowledge base. Uses intelligence production tools and databases, to include Tripwire Analytic Capability, Intellipedia, Palantir, MIDB, Cyber Common Operating Picture (CyberCOP), Target Knowledge Base, Cyber Threat Matrix, Automated Message Handling System, WISE Information Management System, Network Knowledge Base, FoxTrail, CENTAUR, ispace, Pathfinder, and Microsoft OneNote. Provides intelligence support including the following:

Intelligence Support to Planning and Operations

 Provides all-source JIPOE support to offensive cyber operations / defensive cyber operations (OCO/DCO) planning and execution to include production of cyber related Intelligence Estimates and associated products. This analysis shall include direct support to the Intelligence Planning Teams (IPTs) as required.

Threat Trends and Indicators

 Produce bulletins and briefs related to assigned area of responsibility. These shall include specific changes in tactics, techniques, and procedures (TTP) and technical trends in cyber threats directed at the DoDIN and U.S. critical infrastructure/key resources (CI/KR) as required. Monitors threat activities to develop specific cyber indicators to support the USCYBERCOM role in the Defense Warning Program.

Cyber-Related Exercise Support

Provides scenario development, white cell, or role-playing support to cyber related exercises as required.

USCYBERCOM Staff Support

 Responds expeditiously to J2 or other USCYBERCOM staff requests for information as required.

Product Development

 Assists in the production, editing, publishing, and dissemination of clear, concise, timely, and relevant cyber analytic products as required.

Briefing

Develops and presents intelligence slides and in-depth briefings and presentations related to assigned area of responsibility to USCYBERCOM staff up to GO/FO level.

Meeting Support

Provides support to meetings related to assigned area of responsibility. This shall include meetings within the Command or held at other government or cleared defense contractor facilities. Travel may be required for long distance meetings but virtual participation is preferred.

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here.