Yesterday
Secret
Unspecified
Unspecified
IT - Security
Arlington, VA (On-Site/Office)
Tyto Athene is searching for a Lead Cyber Watch Analyst to support our customer in Arlington, Virginia.
Responsibilities:
* Utilize security tools to analyze, investigate, and triage security alerts
* Coordinate the monitoring of our customers environments, including cloud and SaaS solutions for evidence of adversarial activity
* Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidents
* Utilize advanced tools, such as digital forensics or malware analysis capabilities, to identify incidents' root causes, scope, and impact
* Collaborate with cyber threat hunting and cyber threat intelligence teams
* Serve as the primary incident point of contact with law enforcement, third-party vendors, and other external parties
* Conduct post-incident analysis and lessons learned to identify improvement opportunities
* Develop or tune detection rules or signatures to improve the effectiveness of security monitoring and collaborate with engineering teams to implement them
* Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS)
* Learn new open and closed-source investigative techniques
* Perform research on emerging threats and vulnerabilities to aid their prevention and mitigation
* Assist in developing and implementing initiatives that will enhance the SOC's performance (e.g., SOPs, playbooks, capability deployments)
* Escalate SOC performance issues or risks to management
* Provide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts to enhance their skills and capabilities
Required:
* Bachelor's degree in Computer Science, Information Technology, or related field and 12 years of relevant experience or a Master's degree and 8 years.
* CISSP or CEH certification; additional experience, formal training, certifications, and/or education may be substitutable at the client's discretion
* Experience in some of the following tools and technologies: EDR and SIEM
* The ability to take the lead on incident research and mentor junior analysts
* Understanding of MITRE ATT&CK and D3FEND
* Knowledge of advanced attacker tools, techniques, and procedures (TTP)
* Current malware campaigns TTPs
* Experience with malware analysis
* Experience with digital forensics tools and case procedures
* Knowledge of enterprise architecture including zero trust principles
* Knowledge of Windows and Linux file systems
* Common phishing techniques and how to investigate them
* Proficiency in technical writing
* Experience in customer service or client-facing roles
* Experience presenting and speaking to leadership
* The ability to mentor Tier 1 and Tier 2 analysts
Desired:
* Previous SOC or incident response experience
* Working knowledge of regex and scripting languages is highly preferred
* Additional relevant certifications such as those from GIAC or CompTIA
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
* Experience with cyber threat intelligence gathering and analysis
* Experience with cyber threat hunting
Clearance: Active Secret Clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Responsibilities:
* Utilize security tools to analyze, investigate, and triage security alerts
* Coordinate the monitoring of our customers environments, including cloud and SaaS solutions for evidence of adversarial activity
* Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidents
* Utilize advanced tools, such as digital forensics or malware analysis capabilities, to identify incidents' root causes, scope, and impact
* Collaborate with cyber threat hunting and cyber threat intelligence teams
* Serve as the primary incident point of contact with law enforcement, third-party vendors, and other external parties
* Conduct post-incident analysis and lessons learned to identify improvement opportunities
* Develop or tune detection rules or signatures to improve the effectiveness of security monitoring and collaborate with engineering teams to implement them
* Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS)
* Learn new open and closed-source investigative techniques
* Perform research on emerging threats and vulnerabilities to aid their prevention and mitigation
* Assist in developing and implementing initiatives that will enhance the SOC's performance (e.g., SOPs, playbooks, capability deployments)
* Escalate SOC performance issues or risks to management
* Provide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts to enhance their skills and capabilities
Required:
* Bachelor's degree in Computer Science, Information Technology, or related field and 12 years of relevant experience or a Master's degree and 8 years.
* CISSP or CEH certification; additional experience, formal training, certifications, and/or education may be substitutable at the client's discretion
* Experience in some of the following tools and technologies: EDR and SIEM
* The ability to take the lead on incident research and mentor junior analysts
* Understanding of MITRE ATT&CK and D3FEND
* Knowledge of advanced attacker tools, techniques, and procedures (TTP)
* Current malware campaigns TTPs
* Experience with malware analysis
* Experience with digital forensics tools and case procedures
* Knowledge of enterprise architecture including zero trust principles
* Knowledge of Windows and Linux file systems
* Common phishing techniques and how to investigate them
* Proficiency in technical writing
* Experience in customer service or client-facing roles
* Experience presenting and speaking to leadership
* The ability to mentor Tier 1 and Tier 2 analysts
Desired:
* Previous SOC or incident response experience
* Working knowledge of regex and scripting languages is highly preferred
* Additional relevant certifications such as those from GIAC or CompTIA
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
* Experience with cyber threat intelligence gathering and analysis
* Experience with cyber threat hunting
Clearance: Active Secret Clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
group id: 91085617
