Full Time Employee Contractor
Cyber Threat Analyst
We're currently looking to hire a Cyber Threat Intelligence Analyst for a Hunt and Cyber Intelligence Operations Cell supporting a high profile customer in Herndon, VA! You'll be working with some of our nation's best to solve challenging security problems and identify sophisticated adversaries in a fast-paced and continuously evolving environment, while growing your skills by solving ongoing challenges and threats.
Responsibilities include but are not limited to:
The Analysis Cell evaluates threats to the environment and is responsible for enabling an intelligence driven defense that detects potentially malicious events occurring within our customer enterprise networks.
A successful candidate will have working experience with security monitoring tools and the ability to work closely with other cells supporting the customer's CND mission. This position requires a high aptitude in Information Security technologies and the supporting infrastructure, an understanding of cyber espionage groups and their TTPs, and familiarity with the many aspects of Threat Intelligence sharing. In addition, the candidate should have the ability to proactively hunt for and identify advanced security incidents. In this role, you will be rewarded with a wide variety of technologies to master along with a closely-knit, enthusiastic team that is consistently recognized as some of the top performers on the project! The candidate will also support our fellow security analysts by providing expert analysis and insight into attack campaigns and threats to better inform engineering and network defense decisions.
What Will You do all day?
- Construct and exploit threat intelligence to detect, respond to, and defeat advanced persistent threats (APTs)
- Fully analyze network and host activity in successful and unsuccessful intrusions by advanced attackers
- Piece together intrusion campaigns, threat actors, and nation-state organizations
- Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the
- Develop and produce reports on all activities and incidents to help maintain day-to-day status, develop and report on trends, and provide focus and situational awareness on all issues.
- Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
- Notify the management team of significant changes in the security threat against the government networks in a timely manner and in writing via established reporting methods.
- Coordinate with appropriate organizations within the intelligence community regarding possible security incidents.
- Maintain knowledge of the current security threat level by monitoring related Internet postings, intelligence reports, and other related documents as necessary.
- Develop and utilize a "Case Management" process for incident and resolution tracking.
- A bachelor's degree in computer engineering, computer science, cyber security, or other closely related IT discipline.
- Proven ability to collaborate with technical, highly performing teams.
- Strong analytical and problem solving skills.
- Minimum of five (5) years' experience in cyber security analysis, incident response, or related experience.
- Good interpersonal and organizational skills and excellent writing, communications and briefing skills.
- 8570-compliant IAT Level I or CND-A
- Previous experience as Cyber Threat Researcher or Cyber Intelligence Analyst.
- Research experience in tracking cyber threat and malware campaign activity
- Tool agnostic ability to conduct preliminary malware analysis.
- Ability to create, modify, and implement both Snort and YARA signatures.
- Prior experience in network forensics with an emphasis on detecting malicious activity using network traffic
- Strong understanding of Operating Systems and Network Protocols
- Strong scripting and task automation skills
- Experience doing dynamic malware analysis
Security Requirements: U.S. citizenship and an active TS/SCI clearance based upon an SSBI completed within the last 5 years, plus an additional high-level polygraph.