Govt Cyber Threat Intel Analyst Sr and Mid (EDR/Crowdstrike/Falcon, Threat, report writing) 99% telework (Citizen)

  • Washington D.C., DC
  • Posted 60+ days ago | Updated 1 day ago

Overview

Remote
Hybrid
Depends on Experience
Full Time

Skills

EDR
CrowdStrike
Falcon
Threat
Intel
Network security

Job Details

Hello,

The client is looking for a role much like the Threat Intelligence Analyst, but perhaps more targeted and more junior: candidates who have consumed threat intel feeds such as CrowdStrike Falcon Intelligence (this client uses CrowdStrike EDR), Mandiant Threat Intelligence, etc., to either take action or make recommendations to modify the defenses of an enterprise network. Someone who can, or has, put fingers on a keyboard to modify network defenses, rather than a researcher only. The position is with a government client and requires citizenship due to clearance; sorry, no sponsorship or any other visa at this time.

LOCATION: Washington, DC

PAY/SALARY: 1099 / W2

CLEARANCE: Eligible for public trust or secret clearance (citizenship required due to Federal client)

SCHEDULE: 99% telework, but the client may require site visits 2 to 3 times a year.

EXPERIENCE:
Seven to ten (7 to 10) years of experience in IT and 5 to 7 years in Information System Security / Cyber Security / Computer Forensics, Insider Threat, or Threat Intel.

Responsibilities include, but are not limited to:

  • Conducting proactive threat hunts to uncover previously undetected adversary behavior, performing in-depth host and network log analysis, and delivering systematic threat assessments.
  • Reviewing operational detection mechanisms to assess security posture, recommending new/custom signatures to counter prospective threats and enable future threat hunts.
  • Managing cyber intelligence requirements and focusing cyber intelligence collection efforts. Identifying emerging cyber technologies, capabilities, or weapons which pose a threat to U.S. / Federal systems.
  • Collecting and analyzing all-source threat intelligence to identify adversary capabilities and intent, driving resource allocation for enterprise cyber defense operations.
  • Producing comprehensive cybersecurity reports, providing sourced and summarized threat intelligence, outlining threat hunt findings and limitations, and presenting recommendations to system owners, cyber defenders, and policy makers.
  • Coordinating with the U.S. Intelligence Community and private sector to exchange threat intelligence, emerging trends, and effective countermeasures.
  • Researching known adversarial Tactics, Techniques and Procedures (TTPs) to identify foundational components, isolate associated host or network events, and enable threat mitigation, detection, and response.

Someone who has consumed threat intel feeds such as CrowdStrike Falcon Intelligence (this client uses CrowdStrike EDR), Mandiant Threat Intelligence, etc., to either take action or make recommendations to modify the defenses of an enterprise network.

  • Creating custom cybersecurity dashboards to monitor host and network activity, enabling rapid identification of successful and unsuccessful intrusion attempts.
  • Performing analysis, correlation, and attribution of incidents to Advanced Persistent Threat (APT) groups.
  • Ensuring the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies.
  • Performing research and analysis of APT infrastructure and malicious binaries, and external cyber threat intelligence reporting and production.
  • Collaborating across the U.S. Judiciary system regarding observed threats, intrusion attempts, and successful compromises to network infrastructure, applications, and operating systems.

Education:
Associate / BS/BA in Computer Science, Information Systems Engineering, Business, Physical Science, or
other technology-related discipline.

EDUCATION SUBSTITUTION:
Certificates such as Microsoft's MCSE, or Cisco's CCNA, CCDA or CCIE, may be considered equivalent
to two (2) years of general experience / information technology experience.
The CISSP or a security-related certificate may be considered equivalent to two (2) years of information security experience.