• Collect, analyze and disseminate information relative to terroristic or criminal cyber threats, and attacks within and against the state, its citizens and/or infrastructure.
• Research and collect open and classified source cyber threat information.
• Produce and present cyber related threats and vulnerability research papers, reports, alerts, bulletins and related work products for state and agency use. Communicate to Senior Executives through oral and written reports and presentations.
• Assist in cyber incident response planning and management activities, i.e., preparation, development and evaluation of statewide cyber security policies, preparedness standards and subsequent operational procedures.
• Assist with and provide input to strategic mitigation recommendations for ongoing plans, projects and initiatives.
  Collaborate on major regional cyber threat studies with consideration to state risk implications and mitigation strategies. Facilitate consensus outcome within and between various workgroups on all resulting work product(s). Interface, develop and maintain workgroup relationships with various local, county, state and federal agencies and private sector organizations on cyber related threats and vulnerabilities.
• Coordinate cyber threat, incident and vulnerabilities work efforts with OHSP Intelligence Bureau, Critical Infrastructure Protection Bureau, Planning & Project Management Bureau and Regional Operations Intelligence Center Cyber Security Fusion Office. Improve / support cross-functional team development.
• Operate and maintain security information / event management software tools.
• Assist or execute cyber threat, vulnerability and impact assessment(s) with corresponding trend analysis.
• Ensure all systems security operations and maintenance activities are properly documented and updated as necessary.
• Testify as an “expert witness” cyber analyst before various types of legal forums or hearings.
• Train subordinates, intelligence and / or risk analysts to improve knowledge base and skill levels. Evaluate personnel and provide comprehensive resource efficacy reports upon request as training progresses.
• Identify, validate and attend pertinent seminars and course studies on intelligence gathering, cyber threats, risk analysis and other various types of specialized areas.
• Maintain the integrity of classified and sensitive records and files.

Specific Infrastructure Risk Analyst Duties:

• Evaluate and quantify the risk level of a given event and its probable occurrence within or during a specific period of time, or under selected conditions. (For example: catastrophic flood surge or terrorist attack within “x” years.
• Determine how best to deploy equipment assets and personnel resources, to targeted hot spots (CI/KR, high crime areas, etc.)
• Organize logical, systematic information and data search methodology and report format as required for various assessment activities.
• Determine best practice for compiling, prioritizing, collating, and evaluating information gathered.
• Analyze information and data retrieved to conduct investigative studies.
• Prepare detailed quantitative and/or qualitative terrorism and natural hazards risk planning reports and course of action recommendations as required.
• Review analytical models presently utilized by the agency.
• Identify and submit process change and improvement recommendations for best practice research methodologies as appropriate.
• Develop and maintain liaise position with local, state and federal officials (law enforcement (“LE”) / Infrastructure Protection Planners (“IPP”), Office of Emergency Management (“OEM”) leadership) and private sector officials to discuss mutual CI/KR risk issues.
• Facilitate collaborative work on major state and regional risk assessment studies.
• Train subordinates such as intelligence and / or risk analysts to improve skill levels. Evaluate effectiveness of subject trainees over the designated training period. Prepare various reports and analytical studies on reviewed intelligence information and post impact analysis. Reports and studies will contain findings, conclusions and recommendations for operational briefings and oral presentations.
• Testify as a risk analysis expert witness before various types of legal forums or hearings.
• Identify, validate and attend pertinent seminars and course studies on intelligence gathering, risk analysis and other various types of specialized areas.
• Maintains the integrity of classified and sensitive records and files.
• Facilitate and coordinate functional team preparedness and planning efforts between OHSP’s Intelligence Bureau, Critical Infrastructure Protection Bureau and Planning & Project Management Bureau.
• Identify analytic tools and historical data to calculate worst probable threat (“WPT”), vulnerability and consequence scenario(s) including the likelihood of a terrorist act or attack, natural and/or technological disasters affecting CI/KR in New Jersey.
• Translate WPT into quantifiable, measurable risk data. Support joint Office of Homeland Security and Preparedness (“OHSP”) Critical Infrastructure Protection (“CIP”) and (US) Department of Homeland Security (“USDHS”) projects.
• Facilitate OHSP CIP and the (US) DHS Protective Security Advisor (“PSA”) project collaboration.
• Coordinate joint threat risk assessment with the OHSP Analysts, PSA, USDHS Intelligence Analyst and OHSP CIP staff.
• Support and/or develop technological event and natural disaster risk assessment for State Fusion Center and OHSP preparedness projects, in addition to identified state critical infrastructure sector(s) and facilities. Calculate risk plus threat of possible/probable international hazards.

Qualifications

All candidates must have a clean criminal background to obtain and maintain a security clearance.

Cyber Threat Analysts must possess at least three (3) years related experience, plus:

• Documented success with technical capabilities and limitations assessment of internet and online technologies including social networking sites (“SNS”), blogs and micro-blogs, virtual worlds and online games.
• Expertise with emerging computer and online technologies, online social behaviors, computer and internet slang. Robust knowledge of IT incident response planning and procedures, risk assessment methodology and show solid evidence of risk management process proficiency and implementation skill.


• Ability to exercise and implement IT disaster recovery and continuity plans, assess exercise results or system environment and recommend optimal/optimized modifications or adjustments as necessary.

Infrastructure Analysts must possess at least two (2) years related experience, plus: