Cyber Threat & Fusion Analyst
Maryland & Georgia Locations
The employee shall provide support for the ongoing analysis of threats capable of impacting resources based on review of programmatic, technical, and IA Certification and Accreditation documentation and daily review of open source / unclassified and classified threat warnings and bulletins.
Performs cyber intelligence gathering and threat analysis, including analysis of nation-state sponsored threats, for a large organization. Actively provides in-depth incident analysis. Evaluates security incidents and performs research. Monitors, analyzes and correlates network traffic utilizing the latest in security tools and technology. Reviews threat data from various sources; coordinates with federal leadership as well as government agencies to provide reporting and situational awareness.
Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation and databases produced by the U.S. Government (USG), Department of Defense (DoD) and Intelligence Community (IC).
Conducts research on emerging security threats; provides correlation and trending of cyber incident activity.
Maintains knowledge of adversary activities, including intrusion set tactics, techniques and procedures (TTP).
Maintains situational awareness and reports on advanced threats, including Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
Communicates events to agencies regarding intrusions and compromises to network infrastructure, applications and operating systems; assists with implementation of counter-measures and mitigating controls.
Analyzes relevant cyber security event data for attack indicators and breaches that may yield detection/prevention content.
Prepares cyber threat assessments based on threat analysis, coordinates cyber threat tracking with other organizations and the government; assists in developing reports, briefings and assessments to facilitate the understanding of cyber threats.
Provides expert-quality network traffic (PCAP) and NetFlow analysis.
Experience with multiple programming languages.
Experience in software reverse engineering or software development.
In-depth knowledge of IDA Pro/Debuggers.
In-depth knowledge of dynamic/static malware analysis and memory analysis.
In-depth knowledge of Windows Operating System Internals (Kernel, Registry, File System, Windows APIs).
Supports SOC analysis and incident response as needed.
Creates and maintains Standard Operating Procedures and other documentation as needed.
Must have a minimum of 2 years hands-on CND experience.
Excellent written and verbal communication skills.
Excellent problem-solving skills.
Compliance with applicable DoD 8570.01-M requirements.
Requires at least IAT Level II and CND Analyst certifications.
Top Secret Clearance required.
Apply online: http://nationalrecruiters.catsone.com/careers
Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.