Overview:
Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/ Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum's Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Aberdeen; MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; and Tupelo, MS.

Mission:

Target Network Analyst will be a member of the NGA DEFENDER Computer Network Exploitation team, the contractor executes computer network operations via penetration testing and emulating Advanced Adversaries, Insider Threats, and Purple Team against NGA systems for the purpose of strengthening information system security. Ideal Target Network Analysts will conduct advanced analysis of collection and open-source data to ensure cyber target continuity; profile targets and their activities; and develop techniques to gain more target information. Analysts determine how targets communicate, move, operate and live based on knowledge of target technologies, digital networks and the applications on them. This position is available immediately and supports the National Geospatial-Intelligence Agency (NGA) onsite at NGA headquarters in Springfield, VA.

Responsibilities:

Target Network Analyst shall assist the customer in providing technical and engineering support to sensitive and highly regulated Computer Network Exploitation (CNE) operations designed to identify vulnerabilities subject to Advanced Persistent Threats (APT) or other emerging, time sensitive cyber threats on the customers networks. Specific responsibilities include:

• Compile, integrate, and/or interpret all-source data for intelligence or vulnerability value with respect to specific targets.
• Identify and conduct analysis of target communications to identify information essential to support CNE operations.
• Conduct target research and analysis and determine what technologies are used by a given target.
• Gather information about networks through traditional and alternative techniques, (e.g., social network analysis, call-chaining, traffic analysis.)
• Identify and evaluate threat critical capabilities, requirements, and vulnerabilities.
• Identify collection gaps and potential collection strategies against targets.
• Identify network components and their functionality to enable analysis and target development.
• Profile cyber targets and their activities and provide target recommendations which meet leadership objectives.
• Reconstruct networks in diagram or report format.
• Research communications trends in emerging technologies (in computer and telephony networks, satellite, cable, and wireless) in both open and classified sources.

Requirements:

• Bachelor's degree in Computer Science or Information Systems or other technically relevant degree; 6-10 years of direct cyber vulnerability assessment experience may be accepted in lieu of Bachelors or Masters
• Experience with Computer Network Defense (CND) Intelligence Analysis, Assessments, and/or Open-Source Research
• Knowledge of Government standards for data security such as markings, handling of classified and unclassified information, and how to handle the distribution of this information
• Knowledge of computer networking concepts and protocols, and network security methodologies, risk management processes (e.g., methods for assessing and mitigating risk), and laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of cyber threats and vulnerabilities, and operational impacts of cybersecurity lapses.
• Knowledge of cryptography and cryptographic key management concepts and host/network access control mechanisms (e.g., access control list, capabilities list, etc.).
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
• Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• TS/SCI eligible, subject to CI Polygraph
• IAT Level 2 and Two Penetration Testing Certifications (e.g., GPEN, GWAT, GCIH, CEH, GPYC, LPT, CPT)

Desired/Preferred Skills

• Analyzing target communication networks and essential network data (e.g., router configuration, files, routing protocols).
• Applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses).
• Conducting research using deep web, social network analysis, buddy list analysis, and/or cookie analysis.
• Determining appropriate targeting options through the evaluation of available capabilities against desired effects.
• Exploit/query organizational and/or partner collection databases and in fusion analysis.
• Identifying critical target elements, to include critical target elements for the cyber domain; understand target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
• Identifying target network anomalies (e.g., intrusions, data-flow or processing, target implementation of new technologies).
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Equal Opportunity Employer/Affirmative Action Employer M/F/D/V: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.