Cyber Threat Analyst II

NewGen

$85K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship; Active TS/SCI Clearance required
  • DHS Suitability must be obtained
  • BS in Incident Management, Operations Management, Cybersecurity, or related; or HS Diploma with 4-6 years of relevant experience
  • 2+ years of experience in cyber incident management or operations
  • Knowledge of incident response and handling methodologies
  • Familiarity with NCCIC National Cyber Incident Scoring System
  • Understanding of attack stages and typical vulnerabilities

Responsibilities

  • Research known solutions for mitigating Computer Network Defense incidents
  • Identify and validate threats using knowledge of various threat actors
  • Apply cybersecurity concepts to detect and defend against intrusions
  • Analyze log data for security incidents
  • Monitor external data sources for threat updates
  • Determine causes of incidents and interact with external entities for background information
  • Track and document incidents from detection to resolution

Benefits

  • Collaboration opportunities across various government and cybersecurity agencies
  • Impactful work supporting government mission and public safety
  • Structured environment focused on cybersecurity development
  • Opportunities to enhance incident management and operational skills
  • Access to continuous learning and professional training programs

Full Job Description
Our Partner is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. They are seeking a Cyber Threat Analyst to support this critical customer mission.

Responsibilities
  • Research and compile known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
  • Apply knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation state threat actors to identify and validate threats
  • Apply cybersecurity concepts to the detection and defense of intrusions into small- and large-scale IT networks, and conduct cursory analysis of log data
  • Conduct cursory analysis of log data
  • Monitor external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
  • Identify the cause of an incident and recognize the key elements to ask external entities when learning the background and potential infection vector of an incident
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
  • Track and document Computer Network Defense (CND) incidents from initial detection through final resolution
  • Work with other components within the organization to obtain and coordinate information pertaining to ongoing incidents
  • Provide support during assigned shifts

Requirements
  • US Citizenship; Active TS/SCI Clearance
  • Must be able to obtain DHS Suitability
  • BS in Incident Management, Operations Management, Cybersecurity, or related degree; or HS Diploma with 4-6 years of incident management or cyber security experience
  • 2+ years of directly relevant experience in cyber incident management or cybersecurity operations
  • Knowledge of incident response and handling methodologies
  • Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
  • Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks
  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
  • Must be able to work collaboratively across physical locations

Desired Skills
  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
