Senior Cyber Threat Analyst
Arlington, Virginia, United States
Node.Digital
Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine LearningSenior Cyber Threat Analyst
Location: Arlington, VA
- Must have an active TS/SCI clearance
Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution.
Node is seeking a Senior Cyber Threat Analyst to support this critical customer mission.
Responsibilities:
- Correlating incident data to identify specific trends in reported incidents
- Recommending defense in-depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.)
- Performing Computer Network Defense incident triage to include determining scope, urgency, and potential impact
- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents
- Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation-state threat actors to identify and validate threats
- Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks
- Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain the currency of
Computer Network Defense threat conditions
- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident,
- Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes
- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
- Providing support during assigned shift (Weekdays 0600-1430, 1400-2230, 2200-0630, Weekends 0600-1830, 1800-0630)
Requirements
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- 5+ years of directly relevant experience in cyber incident management or cybersecurity operations
- Knowledge of incident response and handling methodologies
- Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident
- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay,
return-oriented attacks, and malicious code)
Desired Skills:
- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second generation [non nation-state sponsored], and third-generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
Required Education:
BS Incident Management, Operations Management, Cybersecurity or related degree.
Two years of related work experience may be substituted for each year of degree level
Company Overview:
Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
OUR CORE VALUES
**Identifying the~RIGHT PEOPLE~and developing them to their full capabilities**
**Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner**
**We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence**
**Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions**
Benefits
- Medical (90% Coverage for Employee)
- Dental
- Vision
- Basic Life (100% Coverage for Employee)
- Long Term Disability (100% Coverage for Employee)
- Health Saving Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Automation Clearance FISMA Incident response Monitoring NIST SANS Scripting SQL TS/SCI Vulnerabilities XSS
Perks/benefits: Career development Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs