Today
Top Secret/SCI
Unspecified
Polygraph
IT - Security
Reston, VA (On-Site/Office)
Cyber Defense Threat Analyst Level 6 will have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. As a Cyber Defense Threat Analyst you will help ensure today is safe and tomorrow is smarter.
Level 6:
How a Cyber Defense Threat Analyst will make a Impact:
Skills and Abilities:
Required
Education and Experience:
Training and Certifications:
Security Clearance:
IC-CAP provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status.
Level 6:
- Investigates, analyzes, and responds to cyber incidents within a network environment or enclave. Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
- Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
- Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
- Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
- Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
- Researches and evaluates new concepts and processes to improve performance.
- Analyzes cross-functional problem sets, identifies root causes and resolves issues.
- Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
- May coach and provide guidance to less-experienced professionals.
- May serve as a team or task lead.
How a Cyber Defense Threat Analyst will make a Impact:
- The successful applicant will be expected to identify potential cyber threats, determine levels of risk, and produce analytical reports for a variety of audiences. You will occasionally be required to present your findings in front of senior executives, so the ability to translate technical indicators into layperson's terms is vital.
- Outstanding problem-solving skills are essential. When serious threats are identified, you will work closely with other areas of the security team to identify appropriate solutions. You must be passionate about technology, and able to learn the ropes of new security solutions rapidly.
- Indicators of Compromise (IOC)s will be obtained through: forensic analysis of digital information, Open-Source Intel (OSINT) review/monitoring, available tools both customer provided and open source, and pivoting/researching on previously reported IOCs. Recommending adjustment of countermeasures, enterprise or tactical, to account for threats.
- Discovering adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data; investigate to identify or rule out system compromises, provide written analytic summaries and attack life cycle visualizations.
- Participate in collaborative sessions with other CNDSPs and IC agencies and cross functional (Current Operations, Future Operations, Logistics, Planning, Resourcing and Requirements) on malicious intrusions, attacks or suspicious activities, as well as share emerging Cyber Threat Intel data to achieve centrally coordinated, threat informed and prioritized vulnerability scoring and mitigation methodology.
- Analyzing and documenting malicious cyber actors TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment. Assists in the development of IOCs for active defensive countermeasures and passive detection signatures.
- Providing risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities.
- Recommending adjustment of prioritized enterprise focused analysis based on immediate threat identified based on intelligence and other analysis performed. Collecting analysis metrics and trending data, identify key trends, and provide situational awareness on these trends.
- Strong written communications skills.
- Attention to detail and ability to work with team-members and independently.
Skills and Abilities:
Required
- Must have knowledge of standard network infrastructure
- Knowledge of masquerading, certificates, and file hashing
- Familiar with monitoring emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK framework
- Ability to pivot on indicators.
Education and Experience:
- HSD/GED+16yrs
- Associates+14yrs
- Bachelors+12yrs
- Masters+10yrs
- PhD+8yrs
- NOTE: Relevant professional certifications will be considered equivalent to six (6) months of relevant experience.
Training and Certifications:
- IAT Level 2
Security Clearance:
- Active TS/SCI and the willingness to sit for a polygraph, if needed
IC-CAP provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status.
group id: 90908715
