Senior Cyber Threat Analyst

Onsite | Chantilly, VA | 5 Days a Week

Active TS/SCI Clearance Required

Summary

Our client brings bold thinking and a desire to be the best at their work in consulting, analytics, digital solutions, engineering, cyber, and with industries ranging from defense to health to energy to international development.

Responsibilities

Our client is seeking a Senior Cyber Threat Analyst to help customers solve problems using the latest software like Splunk, Carbon Black, Tenable, and SIEM products. Using cyber investigative techniques like threat analysis, malware analysis, and forensics, you’ll work alongside multiple stakeholders to evaluate cyber intelligence and make meaningful recommendations. You’ll monitor security environments and identify security gaps through the eyes of an adversary. In this role, you’ll impact Law Enforcement and Intelligence operations by monitoring adversarial cyber threat activity, evaluating their actions, and collaborating with other information sources to assess capabilities and identify additional vulnerabilities.

Requirements

• 7+ years of experience in a Cybersecurity role, such as cyber intelligence, cyber threat analysis, incident response, cyber investigations, malware analysis, or network forensics
• Experience with developing analytical work products based on technical findings
• Knowledge of intelligence-gathering principles, policies, and procedures, including legal authorities and restrictions
• Knowledge of cyber threat intelligence models, including MITRE ATT&CK, Kill Chain, and Diamond Model
• Knowledge of network security architecture concepts, including topology, protocols, components, principles, and networking protocols and services, such as FTP, HTTP, SSH, SMB, and LDAP
• Ability to vet, enrich, and maintain technical data, including indicators of compromise, shared with partner agencies, and key stakeholders
• Ability to extract threat data, including IPs, domains, ports, malware, and malicious communications from multiple sources
• Ability to communicate and present to a variety of internal and external audiences, including senior executives
• Possession of excellent verbal and written communication skills

Preferred Requirements

• Experience with Python, Bash, or Perl
• Experience with Elasticsearch, Logstash, and Kibana (ELK) Stack, or Splunk
• Experience with Packet analysis tools, including tcpdump, Wireshark, and ngrep
• Experience with programming languages
• Ability to think and work independently with minimal supervision
• Ability to prioritize and execute in a methodical and disciplined manner
• Ability to lead staff and processes

Education/Certification Requirements

• A Bachelor's degree is required

Clearance Requirements

• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; an active TS/SCI clearance is required.