Senior Cyber Threat Analyst_Arlington, VA

Computer, Cyber security, Documentation, Education, FISMA, FOCUS, Hardening, IMPACT, Incident management, Mobile, Monitoring, NIST SP 800 Series, Networking, Operating systems, Operations, Operations management, PL/SQL, Policies, Printing, Project management, Receiving, Reporting, Research, SANS, Scripting, Security, Security clearance, Software security, System administration
Full Time
Depends on Experience
Work from home available Travel not required

Job Description

Job Title: Senior Cyber Threat Analyst Job Location:Arlington, VA Job Type: Full time

· Correlating incident data to identify specific trends in reported incidents
· Recommending defense in depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.)
· Performing Computer Network Defense incident triage to include determining scope, urgency, and potential impact
· Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents
· Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation state threat actors to identify and validate threats
· Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks
· Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat conditions
· Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident,
· Receiving and analyzing network alerts from various sources within the enterprise and determine possible causes
· Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
· Providing support during assigned shifts (2:00 PM - 10:30 PM ET or 10:00 PM - 6:30 AM ET and 12 hour weekend shifts)
· BS Incident Management, Operations Management, Cybersecurity or related degree (Two years of related work experience may be substituted for each year of degree level education)
· 5+ years of directly relevant experience in cyber incident management or cybersecurity operations
· Knowledge of incident response and handling methodologies
· Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.
· Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident
· Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
· Skill in recognizing and categorizing types of vulnerabilities and associated attacks
· Knowledge of basic system administration and operating system hardening techniques
· Knowledge of Computer Network Defense policies, procedures, and regulations
· Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored]) - Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
Clearance Requirements
· U.S. Citizenship
· Must have an active Secret
· Must be able to obtain DHS Suitability

Thanks & Regards

Dice Id : 90987828
Position Id : 6724048
Originally Posted : 1 week ago
Have a Job? Post it