Cyber Intelligence Analyst
Shift5 is seeking a Cyber Intelligence Analyst to join our growing Research team. In this role, your primary responsibility will be all-source data collection and analysis in order to derive technical information, intelligence insights and cyber threats that will help drive decision making across projects and teams. You will study Operational Technology (OT) such as transportation assets and weapons systems along with the developments that surround them including usage behaviors, geopolitical events, industry trends, cyber-attack/electronic warfare incidents, threat actors, and more. You will then distill that knowledge into technical reports and presentations to customers, engineers, and other stakeholders. You will process a range of RFIs from engineers in Research to non-technical staff in Marketing. This role requires you to be comfortable with understanding technical concepts, documentation, and datasets while drawing insights from and communicating them. You will play a crucial role in helping Shift5 defend critical national infrastructure, weapons platforms, and logistics.
Shift5 is a rapidly growing cybersecurity start-up. We specialize in cybersecurity technology for operational systems, data collection, and insights for a wide variety of operational systems. To put it simply, we defend planes, trains and tanks from cyberattack. We are a collaborative, passionate and driven cadre of cyber security experts. Our engineers are multidisciplinary and our team is dynamic. We’re a growing company focused on helping our customer’s fleets run smarter and safer by capitalizing on mountains of data resting right about the wheels. Come join us.
You will be expected to:
- Travel to customer sites (CONUS & OCONUS) on average 15-20% of your time.
- Work in a hybrid model, local to Shift5 HQ in Rosslyn, VA.
- Work with engineers, program managers, executives, customers and others to understand their intelligence needs and execute on providing that information. It is imperative to answer RFIs quickly and efficiently.
- Be comfortable utilizing VPNs, TOR, “dark web”, internet archives, and other OSINT sources to collect information.
- Analyze a wide variety of information, data, and intelligence sourced from government, private, and public sources.
- Synthesize publicly available and proprietary information (such as engineering documentation, technical standards, specifications, and operating manuals) into meaningful technical details.
- Utilize classified data and reporting tools as part of your workflow.
- Utilize technical tools like Wireshark, Shodan, scripting languages and command line utilities as part of your workflow.
- Educate stakeholders about cyber threats on OT assets, impacts, and mitigation solutions.
- Effectively organize, prioritize, classify, and present your findings based on a targeted audience both verbally and in written communications (reports, presentations, etc.).
- Develop and work with industry frameworks that describe and categorize tactics, techniques and procedures (TTPs) for real-world OT cyber threats and observations.
- Build and develop a system for data and intelligence sharing specific to the needs of Shift5.
- Active US Government TS clearance (and willingness to maintain)
- Experience in cybersecurity or cyber threat analysis
- Have a background in at least one technology area: cyber-attack TTPs in a OT context, embedded systems, operational technology, protocols & systems in aviation, rail and weapons systems.
- Top tier communication, presentation, and analytical skills
- Ability to efficiently multitask and accommodate change of priorities on demand
- Experience with OT systems, preferably in aviation, rail, space, and/or weapons systems.
- Experience with government intelligence databases
- Experience with technical analysis/processing tools like Wireshark, Shodan, scripting languages, and command line utilities.
- Experience with collecting and analyzing engineering/technical documentation.
- Familiarity with internal information sharing tools (e.g. Confluence, wiki pages, etc.) and methods to automate information collection.
- Monitoring current events (cyber, geopolitical, political, technology) and distilling the impacts to industry verticals and/or customer objectives.
- BS or MS in Computer Science, Cybersecurity, Cyber Intelligence, or equivalent
- Experience in embedded systems or serial networks
- Strong technical background
- Ability to read, translate, and process materials in one or more of the following foreign languages: Russian, Chinese, Arabic, and Persian/Farsi.
Compensation & Benefits:
- Competitive salary and stock options in a fast-growing startup
- Employer-paid medical, dental and vision coverage
- Health Savings Account with annual employer contributions
- 401k with employer contributions
- Life Insurance
- Uncapped paid time off policy
- Flexible work & remote work policy
- Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)
We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest performing teams include people with diverse perspectives and ways of solving problems. We strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.
Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identify, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.