Senior Cyber Threat Analyst / Active TS/SCI

• Analyze advanced persistent threat (APT) activity targeting DoDIN-Europe by correlating indicators from multiple intelligence sources, network telemetry, and endpoint data to characterize adversary campaigns and assess risk to Army operations
• Produce finished cyber threat intelligence products - including threat assessments, trend analyses, and adversary TTPs reports - tailored for both technical operators and senior Army leadership at RCC-E and NETCOM
• Perform expert-level analysis of network logs including firewall events, PCAP captures, NetFlow records, Zeek/Bro connection logs, DNS query logs, and web proxy data to reconstruct adversary activity and identify lateral movement or exfiltration
• Conduct RAM and system memory dump analysis to identify malicious processes, injected code, persistence mechanisms, and artifacts of compromise that may not be visible through traditional log-based analysis
• Lead and support proactive threat hunting operations across RCC-E-managed networks, developing hypothesis-driven hunt packages based on current threat intelligence and MITRE ATT&CK TTPs to uncover undetected adversary activity
• Develop cyber threat awareness products and briefings for distribution to supported Army units, providing actionable intelligence on emerging threats, vulnerabilities, and recommended defensive measures relevant to the USAREUR-AF operational environment

Required:

• Bachelor's degree (STEM/Business Admin) and a minimum of 5 years of cyber threat analysis and intelligence experience; or an a ssociate's degree and a minimum of 7 years specialized experience; or 11 years of experience (no degree), * GNFA (GIAC Network Forensic Analyst)

• GCIH (GIAC Certified Incident Handler)

• GCTI (GIAC Cyber Threat Intelligence)

• GDSA (GIAC Defensible Security Architecture)

• GCDA (GIAC Certified Detection Analyst)

• GREM (GIAC Reverse Engineering Malware)

• Blue Team Level 2

• Microsoft Certified: Cybersecurity Architect Expert

• Zero Point RTO

• OSDA (Offensive Security Operations and Defensive Analysis), Demonstrated experience in threat analysis of vulnerabilities and penetration techniques; expert knowledge of network logs (firewall, PCAP, NetFlow, Zeek, DNS, web proxy); alert and activity correlation; network diagram review; RAM/system dump analysis; and cyber threat awareness product development, * Expert proficiency with Zeek/Bro for network security monitoring and custom script development for traffic analysis

• Experience with NetFlow analysis tools (SiLK, nfdump, Elastic) for large-scale network behavior analysis and anomaly detection

• Advanced Wireshark skills for deep packet inspection and protocol-level adversary activity reconstruction

• Strong working knowledge of the MITRE ATT&CK framework for threat modeling, TTP mapping, and detection gap identification

• Experience with threat intelligence platforms (MISP, OpenCTI, Anomali) for IOC management and intelligence sharing

• Proficiency with Elastic Stack or Splunk for log aggregation, correlation, and threat hunting query development

• Experience with memory forensics tools (Volatility, Rekall) for RAM dump analysis and malware artifact extraction

• Familiarity with structured analytic techniques and intelligence community reporting standards for finished product development

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO

Peraton is seeking to hire an experienced Senior Cyber Threat Analyst for its' Regional Cyber Center-Europe program, Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.