Exploitation Analyst

Job Requirements

About the Role

As an Exploitation Analyst within the RISK function of the ISG department, you will play a critical role in identifying and assessing the capabilities and activities of cybercriminals and foreign intelligence entities. Your work will support law enforcement and counterintelligence investigations by analyzing collected data to uncover vulnerabilities and potential exploitation opportunities. This role demands a deep understanding of cyber threats, intelligence analysis, and technical exploitation, with a focus on enabling proactive defense and operational readiness.

Key Responsibilities

Primary Responsibilities

• Develop cyber indicators to maintain situational awareness in a dynamic threat environment.
• Collect, process, analyze, and disseminate cyber threat and warning assessments.
• Identify access and collection gaps and recommend cyber collection or preparation activities.
• Leverage authorized resources and analytic techniques to penetrate targeted networks.
• Communicate complex information confidently through verbal, written, and visual means.
• Accurately source all data used in intelligence, assessments, and planning products.
• Formulate research questions and tracking variables to support intelligence requirements.
• Recommend analytic approaches for incomplete or unprecedented information scenarios.
• Collaborate effectively in virtual and cross-functional teams.
• Evaluate information for reliability, validity, and relevance.
• Synthesize fragmented data into high-quality, fused intelligence products.
• Focus research efforts to meet decision-making needs.
• Identify intelligence gaps and mitigate cognitive biases and deception in analysis.
• Think critically and adopt an adversarial mindset to anticipate threat actor behavior.
• Utilize multiple intelligence sources across all disciplines.
  
  

Secondary Responsibilities

• Analyze threat information from diverse sources and agencies.
• Contextualize intelligence to draw actionable insights.
• Conduct environmental preparation and respond to intelligence requests.
• Develop assessment plans and performance/effectiveness measures.
• Conduct strategic and operational effectiveness assessments for cyber events.
• Provide subject matter expertise for operational planning and intelligence picture development.
• Assist in managing all-source collection requirements and identifying shortfalls.
• Brief stakeholders on threat and target situations.
• Conduct in-depth research, nodal analysis, and geospatial tracking.
• Evaluate threat decision-making processes and identify tactics and methodologies.
• Monitor adversarial activities and report on validated threat actions.
• Produce timely, fused, all-source cyber intelligence products.
• Support planning forums, exercises, and time-sensitive operations.
• Provide feedback to improve intelligence production and reporting.
• Maintain awareness of emerging technologies and their implications.
• Collaborate with developers to enhance tool development based on target insights.
• Lead or support exploitation operations aligned with organizational objectives.
  
  

What We Are Looking For

Education

• Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, Intelligence Studies, or a related field.
  
  

Experience

• Proven experience in cyber threat intelligence, penetration testing, or exploitation analysis.
• Hands-on experience with cyber operations, intelligence collection, and network analysis.
• Familiarity with SCADA, telecom, wireless technologies, and digital infrastructure.
  
  

Skills and Attributes

• Strong analytical and critical thinking skills.
• Ability to synthesize large volumes of fragmented data into actionable intelligence.
• Proficiency in identifying and exploiting technical and operational vulnerabilities.
• Effective communication skills across verbal, written, and visual formats.
• Ability to work in high-pressure, fast-paced environments.
• Strong collaboration skills with internal and external stakeholders.
• Knowledge of cyber laws, regulations, and ethical hacking practices.
• Familiarity with geospatial analysis, metadata examination, and nodal analysis.
• Capability to lead and support complex cyber exploitation operations.
• Continuous learning mindset to stay updated with evolving cyber technologies.