Cyber Incident Assessment Analyst

Arlington, VA

Applications have closed

phia, LLC

At phia, trust us to solve the complex challenges of our connected world through top-tier cyber intelligence & threat hunting.

At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.
phia is hiring a Cyber Incident Assessment Analyst to support a unique Federal review board responsible for investigating, evaluating, and reporting on notable cybersecurity incidents. The goal is to enhance the protection of our nation's networks and infrastructure and to inform and guide cybersecurity efforts across government, industry, and the broader security community. This role presents a meaningful and career-enhancing opportunity. This is a hybrid role. The ideal candidate will be able to work remotely and report occasionally to an on-site customer location in Arlington, VA.  

What You'll Do

  • Collect and analyze public and nonpublic documents, reports, assessments, and other records regarding cyber incidents under review as requested by federal staff in support of the Board and the Subcommittee(s).
  • Provide fact- and skill-specific cybersecurity subject matter expertise on a variety of topics in support of Board activities, including preparing technical questions for requested speakers and for requests for information, producing technical analysis and summaries of information received from requests for information, researching cybersecurity issues and threats, and presenting or preparing presentation materials, summary documents, talking points, and other information for Board meetings and subcommittee meetings.
  • Conduct analysis of a wide range of cyber-related events and campaigns.
  • Review other analysts/researchers’ products as part of the peer-review process.
  • Provide general cybersecurity subject matter expertise on a variety of topics, including developing white papers on cybersecurity-related topics, supporting subcommittees, and ensuring technically accurate and readable notes from all Board meetings and subcommittee meetings.
  • Conduct research and analysis of topics (incident response, threat hunting, vulnerabilities, etc.) related to significant cyber events   
  • Develop well-formed written analytical products and executive summaries 
  • Participate in meetings and assist in conducting interviews of stakeholders and board members to aggregate key information for analysis 
  • Analyze datasets and collect information, leveraging various models and frameworks to include MITRE ATT&CK, Diamond Model, Cyber Kill Chain, etc.  
  • Prepare written analysis of cyber incidents and responses related to the Board’s reviews, in support of the Board, to include a factual record of events, technical analysis of causes and responses to cyber incidents, and as otherwise required to support the recommendations of the customer. 
  • Draft written summaries of factual and technical findings related to cyber incidents and responses related to the customer’s reviews.

Experience Requirements

  • Ability to communicate and collaborate with various audiences from technical analysts (e.g., malware analysts, Cyber Threat Intelligence (CTI) analysts, Incident Response (IR) and Cyber Hunt analysts), to academic researchers, to business and functional managers and leaders, to senior executives in both the public and private sectors. 
  • Strong written and verbal communication
  • BS/BA + 15 years of work experience (not necessarily just cyber); additional years of experience may be substituted for a degree.

Security Clearance

  • U.S. citizenship
  • Active Top-Secret Clearance
  • Able to obtain DHS suitability (EOD)

Preferred Certifications (one or more)

  • Security+, CEH, CISSP or equivalent 
  • GIAC technical or management certifications (e.g. GCIH, GOSI, etc.)

Who You Are

  • A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.
  • Intellectually curious with a genuine desire to learn and advance your career.
  • An effective communicator, both verbally and in writing.
  • Customer service-oriented and mission-focused.
  • Critical thinker with excellent problem-solving skills

If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.

Who We Are

phia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. We proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia values work-life balance and offers the following benefits to full-time employees:

  • Comprehensive medical insurance to include dental and vision
  • Short Term & Long-Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Tuition and Professional Development Assistance
  • Flex Spending Accounts (FSA)

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.


Tags: CEH CISSP Clearance Cyber Kill Chain DoD GCIH GIAC Incident response Malware MITRE ATT&CK Security Clearance Strategy Threat intelligence Vulnerabilities

Perks/benefits: 401(k) matching Career development Health care Insurance Team events

Region: North America
Country: United States