Cyber Threat Intelligence Analyst

Quantum Research International, Inc.

Today
Secret
Unspecified
Unspecified
IT - Security
Huntsville, AL (On-Site/Office)

Job Description

Overview:
Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum's Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Aberdeen, MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; and Tupelo, MS.

Mission:

Quantum Research is seeking a motivated Cyber Network Threat Analyst to work as a member of their Cyber Threat Intelligence Team in our Huntsville, AL location.

Responsibilities:
    • Perform cyber threat intelligence collection at open source and classified levels, using multiple analytical tools, in order to provide clients an understanding of the threats and risks their networks and systems face.
    • Perform network traffic analysis to identify anomalies and potential threats.
    • Research emerging threats.
    • Provide evaluations on the current threats to customer's networks and data and make recommendations for mitigations.
    • Support incident response by providing threat actor TTPs, known indicators of compromise, and analysis to aid in the incident response process.
    • Provide briefings to customer's senior officials on various topics including but not limited to: emerging threats, APTs, and recommendations for improving security posture.
    • Proficiency in using OSINT tools (e.g., Threatstream, Shodan) and web scraping techniques.
    • Knowledge of cyber threats, vulnerabilities, and operational impacts of cybersecurity lapses.
    • Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
    • Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

Requirements:
    • BS degree in Computer Science, Computer/Electrical Engineering, MIS or equivalent field of study. Years of experience and certifications/training may be accepted in lieu of Degree (e.g., Security+, Cybersecurity Analyst/CySA+, Cyber Threat Intelligence/GCTI, Cyber Analyst Course).
    • Experience in identifying and evaluating emerging and persistent threats, trends, TTPs, attribution, or threat hunting.
    • Experience with analyzing multiple disparate data sources (passive DNS, threat feeds, vulnerabilities, attack surface, etc.) to enrich and aid in threat tracking/analysis.
    • Experience with analyzing NetFlow and analyzing network traffic to identify malicious activity.
    • Experience with threat intelligence tools and databases at open source and classified levels.
    • Experience with open source (OSINT) research (social media, blogs, IRC, deep/dark web, message boards).
    • Knowledge of network and/or operating systems security (Intrusion Detection/Prevention Systems, Firewalls).
    • Active Secret Security Clearance. Must be capable/eligible of obtaining a Top Secret clearance.

Desired Skills and Qualifications:
  • Knowledge of scripting languages (Python, PowerShell, Perl, etc.).
  • Experience in network and/or host-based forensics.
  • Experience with analyzing vulnerabilities to determine realistic impact/risk to customer's network.
  • Basic static/dynamic malware analysis.
  • Experience with adversary emulation, cyber protection team, red team, and vulnerability exploitation.
  • Experience in cyber digital forensics and incident response investigations.
  • Conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Mimicking threat behaviors and the use of penetration testing tools and techniques.
  • Using network analysis tools to identify vulnerabilities (e.g., fuzzing, Nmap, etc.).
  • Reviewing logs to identify evidence of past intrusions and conducting application vulnerability assessments.
  • Knowledge of global supply chain dynamics and emerging risks.
  • Proficiency in using supply chain management software and risk management tools.
  • Strong analytical skills, with experience in data analysis, risk modeling, and scenario planning.

Certifications:

  • Applicable Certifications include but are not limited to any of the following: Security+, Cybersecurity Analyst/CySA+, Cyber Threat Intelligence/GCTI, Cyber Analyst Course. Note: Some may be obtained as a condition of employment by obtaining them within a time frame of employment.


Equal Opportunity Employer/Affirmative Action Employer M/F/D/V: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.