Senior Cyber Threat Analyst

Company Description

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Job Description

Overview

**This position is contingent upon contract award**

SOSi is seeking a Senior Cyber Threat Analyst in Wiesbaden, Germany. The ideal candidate will possess senior-level expertise in analyzing computer vulnerability advisories, network penetration techniques, and global threat reports. This role involves determining security concerns and designing strategic improvements to strengthen the computer network's defensive posture in support of theater-level mission requirements.

Essential Job Duties

• Perform comprehensive threat analysis of vulnerability advisories and current network penetration techniques to identify potential risks to theater infrastructure.
• Utilize expert-level knowledge of network logs, including firewall, PCAP, NetFlow, Zeek, DNS, and web proxy, to identify emerging threats and anomalous patterns.
• Review and correlate security alerts, user activity, and network traffic data to identify indications of real or potential policy violations or intrusions.
• Review network diagrams and topologies to identify potential vulnerabilities, single points of failure, and logging gaps that could be exploited by adversaries.
• Analyze RAM and Microsoft System Dumps to detect anomalous and malicious activity residing in volatile memory.
• Design and recommend architectural improvements to strengthen the defensive posture of the network based on analyzed threat trends.
• Develop and distribute cyber threat awareness products that clearly articulate investigative findings to both technical and non-technical audiences.

Qualifications

Minimal Requirements

• Active in scope TS/SCI clearance.
• BA/BS degree (Engineering, Computer Science, Science, Business Administration, or Mathematics) plus five (5) years of specialized experience OR Associate's degree plus seven (7) years of specialized experience OR a major professional certification plus seven (7) years of specialized experience OR eleven (11) years of specialized experience.
• Possession of at least one of the following: GIAC: GNFA or GCIH or GCTI or GDSA or GCDA or GREM or Blue Team Level 2 (BLT2) or Microsoft Certified: Cybersecurity Architect Expert or Zero Point RTO (Red Team Ops) or Offensive Security Defense Analyst (OSDA).
• Experience performing threat analysis of computer vulnerability advisories and network penetration techniques.
• Expert-level knowledge of network logs (Zeek, NetFlow, DNS, PCAP).
• Proven ability to analyze RAM and System Dumps for malicious activity.
• Experience reviewing network diagrams to determine vulnerabilities and logging gaps.

Preferred Qualifications

• Experience utilizing Threat Intelligence Platforms (TIPs) and STIX/TAXII feeds.
• Strong understanding of the Diamond Model of Intrusion Analysis.
• Familiarity with YARA or Snort rule development for threat hunting.
• Prior experience in a Cyber Threat Intelligence (CTI) cell or theater-level SOC.

Additional Information

Work Environment

• Normal office conditions with potential to perform duties in deployed locations.
• May be requested to work evenings and weekends to meet program and contract needs.

Working at SOSi

• All interested individuals will receive consideration and will not be discriminated against for any reason.