Skip to content

Specialized Security All Source Analyst (Insider Threat)

Core OneQuantico, VA, USJuly 18, 2026
On-site
Full-time
Threat Intelligence
Staff · 8–8 yrs

Join our team at Core One! Our mission is to be at the forefront of devising analytical, operational and technical solutions to our Nation's most complex national security challenges. In order to achieve our mission, Core One values people first! We are committed to recruiting, nurturing, and retaining top talent! We offer a competitive total compensation package that sets us apart from our competition. Core One is a team-oriented, dynamic, and growing company that values exceptional performance!

*This position requires TS/SCI Clearance * 

Responsibilities:

  • The Contractor shall provide all source analytic support to the DCSA InT program. The Contractor shall leverage their education, expertise, and understanding of the DoD population to accomplish the specific tasks.
  • The Contractor shall provide Insider Threat support services. The Contractor shall provide Insider Threat analysts responsible for conducting comprehensive all source research, analysis and fusion of traditional and not-traditional sources of information supporting the Insider Threat mission. The Contractor shall produce innovative, all-source InT-related products for a broad set of customers, including those in the DoD, intelligence, security and law enforcement communities and other senior audiences.
  • Aggregate, analyze, and evaluate all available InT government and open-source information to assist in the evaluation of potential risk as it relates to InT.
  • Extract and organize statistical data to support the building of both quantitative and qualitative metrics products, summaries, case studies and trend products.
  • Communicate complex ideas and analyses orally and in writing.
  • Plan and conduct thorough research using all available InT tools and data sources to discover the information necessary to support analysis, either independently or as part of a larger analytical effort.
  • Assist in the preparation and production of risk warning and situational awareness products related to InT issues.
  • Assist in the preparation and production of analytical products and identifying areas for efficiencies in the production process.
  • Provide editing and quality control of InT products communicating recommendations orally and in writing.
  • Review InT information in support of meeting InT mission requirements and timelines. 
  • Propose and define new UAM policy triggers.
  • Perform functional testing of proposed and modified policy triggers prior to implementation and final government approval.
  • Prepare policy trigger implementation plan and impact assessment. The Contractor shall prepare and present findings in support of new UAM policy triggers.
  • Review and escalate as appropriate events triggered in the UAM tool.
  • Perform configuration management activities to ensure compliance with asset management and continuous monitoring policy requirements.
  • Understand and implement established policy technical and workflow procedures.
  • Prepare, write, and present reports and briefings as required. The Contractor shall provide written support for UAM policy approval requests.
  • Support analytic and operational activities to assemble, correlate, evaluate, and assess information concerning counterintelligence, security, human capital, and information assurance related insider threats against DCSA personnel, programs, information systems, and/or facilities.
  • Apply knowledge of CNE tactics, techniques, and procedures associated with advanced cyber threats to develop analytical signatures and filters to refine anomaly detection with the Insider Threat Program datastore/database that are internal to the organization. The primary distinguishing characteristic of this capability is knowing the specific content being read, moved, and altered within the organization by the internal threat and applying context and analysis to that knowledge.
  • Perform event analysis by examining network traffic data and Host Based Security Systems’ audit data, SIEM data, and any other technical feeds received from Agency security tools.
  • Analyze and disseminate insider threat analysis information as required, and perform insider threat analysis, forecasts, and threat alerts with recommended countermeasures to include new policy trigger protocols or tuning of existing policies.
  • Prepare formal analysis products and reports with findings and recommendations. The Contractor shall prepare and present briefings as a subject matter expert, as required.
  • Make policy trigger recommendations to the government to enhance current capabilities and tune current policy triggers.
  • Focus not only on anomalous network activity but also captures human behaviors such as policy violations, compliance incidents, and malicious acts at the endpoint that can service as warning signs leading up to a breach.
  • Effectively detect both unauthorized access to information and unauthorized transfer of information and could be deployed for audits and inquiries across multiple network architectures using a wide variety of security concepts of operations that range from standalone, single-service systems in a two-person investigation office to large-scale clusters on a distributed enterprise with multiple stakeholders doing auditing and investigations.
  • Process personnel to verify the appropriate security clearance and/or SCI eligibility prior to granting access to DCSA facilities and information. In addition, support the DCSA Personnel Security (PS) Program includes:
  • Request/Review/Initiate/Track Personnel Security Background Investigations.
  • Provide accurate and analytical establishment, maintenance, review, receipt, accountability, transmission, reproduction, storage, safeguarding, and destruction of collected personal history, case files, data entry,

Qualifications:

  • Bachelor's Degree in area related to the position
  • TS/SCI Clearance
  • 8 years of experience in a directly related position

Salary

  • $85,000 - $95,000

The pay range reflected above is a general guideline for this position and labor category and is not a guarantee of a specific salary or offer. Final compensation is determined based on factors including, but not limited to, relevant experience, education, certifications, security clearance level, contract requirements, geographic location, and internal pay equity, and may reflect market data specific to the awarded contract.

Security Clearance:

  • TS/SCI

Core One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

__PRESENT__PRESENT__PRESENT__PRESENT

__PRESENT

__PRESENT__PRESENT

__PRESENT__PRESENT

__PRESENT__PRESENT__PRESENT__PRESENT

Job Details

Salary

$85,000 – $95,000/yr (us)

Experience

Staff · 8–8 yrs