Cyber Threat Analyst - Public Trust Clearance - with Growth Opportunities

Clearance: Public Trust

Job Description:

• Identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities; produces finds to help initialize or support law enforcement and counterintelligence investigations or activities.

Details:

• Identify and develop threat signatures from all available sources.
• Maintain threat indicators within the threat intelligence platform.
• Implement and support standard procedures for incident response.
• Interface with Business Unit Information System Security Officers and Incident Response Teams

Key Responsibilities:

• Implement a dynamic, advanced Risk-Based Alerting (RBA) security framework within Splunk.
• Create and test detections written in advanced Splunk Programming Language (SPL)
• Perform analysis on hosts running on a variety of platforms and operating systems, to include Microsoft Windows & Linux.
• Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security.
• Leverage tools including Splunk, Tanium, Firepower, Azure, GoogleCloud, SentinelOne, SESC suite as part of duties performing cyber incident response analysis.
• Act as an observer to Red Team penetration testing exercises and collaborating with Cybersecurity Operations Center (CSOC)
• Correlate event or incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Work with a diverse team of analysts in conducting incident triage, incident handling, and remediation.

Experience Level:

• 3-5 years of experience with security operations and incident response

Education:

• Bachelor's OR master's degree in computer science, Information Systems, or other related field. Or equivalent work experience.

Certifications One or more of the following Certification(s):

• CISSP, CISA, CISM, GIAC, RHCE.