Senior Cyber Threat Analyst

Senior Cyber Threat Analyst

Location: Arlington, VA

- Must have an active TS/SCI clearance

Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution.

Node is seeking a Senior Cyber Threat Analyst to support this critical customer mission.

Responsibilities:

- Correlating incident data to identify specific trends in reported incidents

- Recommending defense in-depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.)

- Performing Computer Network Defense incident triage to include determining scope, urgency, and potential impact

- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents

- Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation-state threat actors to identify and validate threats

- Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks

- Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain the currency of

Computer Network Defense threat conditions

- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident,

- Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes

- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution

- Providing support during assigned shift (Weekdays 0600-1430, 1400-2230, 2200-0630, Weekends 0600-1830, 1800-0630)

Requirements

Required Skills:

- U.S. Citizenship

- Must have an active TS/SCI clearance

- Must be able to obtain DHS Suitability

- 5+ years of directly relevant experience in cyber incident management or cybersecurity operations

- Knowledge of incident response and handling methodologies

- Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.

- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident

- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)

- Skill in recognizing and categorizing types of vulnerabilities and associated attacks

- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay,

return-oriented attacks, and malicious code)

Desired Skills:

- Knowledge of basic system administration and operating system hardening techniques

- Knowledge of Computer Network Defense policies, procedures, and regulations

- Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second generation [non nation-state sponsored], and third-generation [nation-state sponsored])

- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

Required Education:

BS Incident Management, Operations Management, Cybersecurity or related degree.

Two years of related work experience may be substituted for each year of degree level

Company Overview:

Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

Our Core Values help us in our mission. They include:

OUR CORE VALUES

**Identifying the~RIGHT PEOPLE~and developing them to their full capabilities**

**Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner**

**We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence**

**Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions**

Benefits

• Medical (90% Coverage for Employee)
• Dental
• Vision
• Basic Life (100% Coverage for Employee)
• Long Term Disability (100% Coverage for Employee)
• Health Saving Account
• 401K
• Three weeks of PTO
• 10 Paid Holidays
• Pre-Approved Online Training