Senior Cyber Threat Analyst - Assessment

V2X

Posted today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
Wiesbaden, Germany (On-Site/Office)

Job Description

Overview

This position description is subject to change at any time as needed to meet the requirements of the program or company.

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism.

The Defensive Cyber Operations (DCO) Division within the Regional Cyber Center - Europe (RCC-E) is looking for a candidate with strong scripting abilities, experience with systems security administration, and network security technologies. The Senior Threat Analyst - Assessment (DCO) will design, implement, automate, maintain, and optimize measures protecting systems, networks, and information.

This position is contingent upon successful contract award to V2X.

Responsibilities

Major Job Activities:
  • Oversee the monitoring, detection, analysis, and correlation of events for potential threat activity utilizing Security Information and Event Management (SIEM) systems, Big Data Analytics, and other supporting platforms or applications.
  • Lead exploratory and in-depth analysis of network traffic from security devices, analysis of host-based audit logs, malware analysis, trending of cyber incident reports, correlation of classified and open-source threat reporting, and linkages / integration with other DCO agencies.
  • Investigate and identify the cause, source, and methodology of compromises or incidents.
  • Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
  • Perform trend analysis on events and incidents to identify and characterize threats.
  • Conduct open-source research to identify commercial exploits or vulnerabilities (i.e. Zero-Day) requiring response actions.
  • Organize and conduct Cyber hunt missions that include, but are not limited to, examining information systems, network devices, and endpoints for indicators of compromise.
  • Prepare formal comprehensive reports and presentations for both technical and executive audiences.
  • Configure and optimize software and hardware detection and prevention capabilities.
  • Perform host- and network-based signature development and standardization for implementation on end-point products or sensor grid.
  • Develop, document, and refine Tactics, Techniques, and Procedures (TTP).

Material & Equipment Directly Used:
  • Basic Office Equipment

Working Environment:
  • Normal office environment
  • May require support during periods of non-traditional working hours including nights or weekends.

Physical Activities:
  • Must be able to lift / push / pull 40 lbs. unassisted.

Qualifications

Required Education / Certifications:
  • Candidates must possess one of the following:
    • Education:
      • A Bachelor's degree in Engineering or Computer Science or Science or Business Administration or Mathematics plus five (5) years of specialized experience; OR
      • An Associate's degree plus seven (7) years of specialized experience; OR
      • A major certification plus seven (7) years of specialized experience; OR
      • 11 years of specialized experience.
    • OR, one of the following Certifications:
      • Certified Ethical Hacker Professional (CEH(P))
      • Rocheston Certified Cybersecurity Engineer, Level 1 (RCCE Level 1)
      • Cloud+
      • Certified Penetration Testing Engineer (CPTE)
      • Federal IT Security Professional - Auditor (FITSP-A)
      • GIAC Certified Enterprise Defender (GCED)
      • GIAC Certified Incident Handler (GCIH)
      • GIAC Cloud Security Automation (GCSA)
      • GIAC Global Industrial Cyber Security Professional (GICSP)
      • GIAC Security Essentials Certification (GSEC)
      • PenTest+
      • Security+
      • CertNexus CyberSec First Responder (CFR)
      • Certified Information Systems Auditor (CISA)
      • Certified Information Security Manager (CISM)
      • Cybersecurity Analyst (CySA+)
      • GIAC Penetration Tester (GPEN)
      • GIAC Systems & Network Auditor (GSNA)
  • Additionally, candidates must also possess at least one of the following certifications:
    • TCM Security Practical Network Penetration Tester (PNPT)
    • Offensive Security Certified Professional (OSCP)
    • Hack The Box Certified Penetration Testing Specialist (HTB CPTS)
    • Zero Point Red Team Ops (RTO)
    • Offensive Security Certified Expert (OSCE)
    • GIAC Penetration Tester (GPEN)
    • GIAC Web Application Penetration Tester (GWAPT)
    • GIAC Assessing and Auditing Wireless Networks (GAWN)
    • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
    • GIAC Web Application Defender (GWEB)

Required Experience:
  • Experience in Vulnerability Assessment, Penetration Testing, and Web Application Security Assessments.
  • Experience in running assessments on Microsoft Active Directory and Linux environments along with associated infrastructure.
  • Experience with penetration testing frameworks such as Metasploit, Core Impact, and/or Immunity Canvas.
  • Experience in evaluating web servers and web applications manually and with such automated tools as Open Web Application Security Project Zed Attack Proxy (OWASP ZAP) and/or PortSwigger Burp Suite.
  • Experience with scripting languages such as Bash, Python, and/or PowerShell.
  • Experience in report writing and articulating assessment findings to both technical and non-technical audiences.
  • DCWF Proficiency Level: Intermediate - Cybersecurity (Vulnerability Analyst) (541).

Clearance Requirement:
  • This position requires an active Top Secret / Sensitive Compartmented Information (TS / SCI) Security Clearance.

Skills & Technology Used
  • ArcSight, AESS, JRSS, IronPort, Security Onion, Gabriel Nimbus BDP.


At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.
