Cyber Threat Intelligence (CTI) Lead - Hybrid

Company Description

KeyLogic employees 700  IT systems designers, developers, mission specialists and security professionals serving government, academic, and private entities from its offices in McLean, VA, Oak Ridge, TN, Dayton, OH, Morgantown, WV, Alexandria, VA, and the UK.

Job Description

Job Description:

KeyLogic is actively seeking a Cyber Threat Intelligence (CTI) Lead to enable our operational counterparts advanced analytics support to promote the rapid analysis of national level cyber threats and incidents.  The hours for the position are Monday through Friday core hours but the ideal candidate will provide technical support on-call to a 24x7 cyber program in the areas of cyber threat intelligence, cyber hunt, and incident response.

Corporate duties such as solution/proposal development, corporate culture development, mentoring employees, supporting recruiting efforts, will also be required.  The program is currently operating on a Hybrid schedule with onsite work to be performed in Alexandria, VA.  Contingent upon completing a program-based background investigation.

Required Qualifications:

• Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering.
• Active Top Secret Clearance, with SCI eligibility.
• A minimum of four (4) years of professional experience with a solid understanding of incident response, insider threat investigations, forensics, cyber threats and information security.
• A minimum of four (4) years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis.Hands-On experience that includes host-based and network-based security monitoring using cybersecurity capabilities.  Some of the hands-on experience must be recent within the past 2 years.
• The candidate must possess a strong cyber security background with experience in: host-based and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, security content development (e.g., signatures, rules etc.), and cyber threat intelligence.
• Must have experience in developing scripts to support cyber threat detection that outputs results in a variety of formats, such as Powershell and Javascript and REST API, Python, C++, and HTML, XML or other type most appropriate for the task.
• Must have experience in conducting cyber threat analysis, identifying mitigation and remediation courses of action; developing actionable intelligence used to protect organizational IT assets; and trending cyber threat metrics for leadership situational awareness.
• Must have experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization’s IT operating environment.
• Ability and experience extracting and managing complex large data sets.
• Strong documentation and written communication skills with technical report writing experience

Desired Qualifications:

• Active Top Secret Clearance, with SCI eligibility.
• Demonstrated understanding  of  incident  response,  insider  threat  investigations, forensics, cyber threats and information security. 

Hybrid Schedule:  

3 Days Onsite - 1 Week, 2 Days Onsite the Following Week.  Schedule will alternate every week.  

KeyLogic offers a very competitive benefits package including paid health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

KeyLogic is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation - Applicants must meet eligibility requirements – US CITIZENSHIP and AGENCY CLEARANCE REQUIRED.

Qualifications

Desired Qualifications:

• Active Top Secret Clearance, with SCI eligibility.
• Demonstrated understanding  of  incident  response,  insider  threat  investigations, forensics, cyber threats and information security. 

Hybrid Schedule:  

3 Days Onsite - 1 Week, 2 Days Onsite the Following Week.  Schedule will alternate every week.  

Additional Information

• Applicant selected will need to be a U.S. citizen and subject to a government background investigation.
• KeyLogic is proud to be an EEO/AA employer M/F/D/V.