Senior Cyber Threat Analyst

Job Description

Overview

This position description is subject to change at any time as needed to meet the requirements of the program or company.

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism.

The Defensive Cyber Operations (DCO) Division within the Regional Cyber Center - Europe (RCC-E) is looking for a candidate with strong scripting abilities, experience with systems security administration, and network security technologies. The Senior Cyber Threat Analyst (DCO) will design, implement, automate, maintain, and optimize measures protecting systems, networks, and information.

This position is contingent upon successful contract award to V2X.

#clearance

Responsibilities

Major Job Activities:

• Oversee monitor, detect, analyze, and correlate events for potential threat activity utilizing Security Information Event Management (SIEM) systems, Big Data Analytics, and other supporting platforms or applications.
• Lead exploratory and in-depth analysis of network traffic from security devices, analysis of host-based audit logs, malware analysis, trending of cyber incident reports, correlation of classified and open-source threat reporting, and linkages / integration with other DCO agencies.
• Investigate and identify the cause, source, and methodology of compromises or incidents.
• Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
• Perform trend analysis on events and incidents to identify and characterize threats.
• Conduct open-source research to identify commercial exploits or vulnerabilities (i.e. Zero - Day) required response actions.
• Organize and conduct Cyber hunt missions that include, but are not limited to, examining information systems, network devices, and endpoints for indicators of compromise.
• Prepares formal comprehensive reports and presentations for both technical and executive audiences.
• Configure and optimize software and hardware detection and prevention capabilities.
• Perform host and network base signature development and standardization for implementation on end-point products or sensor grid.
• Develop, document, and refine Tactics, Techniques, and Procedures (TTP).

Material & Equipment Directly Used:

• Basic Office Equipment

Working Environment:

• Normal office environment
• May require support during periods of non-traditional working hours including nights or weekends.

Physical Activities:

• Must be able to lift / push / pull 40 lbs. unassisted.

Qualifications

Required Education / Certifications:

• Candidates must possess one of the following:
  • Education:
    • A Bachelor's degree in Engineering or Computer Science or Science or Business Administration or Mathematics plus five (5) years of specialized experience; OR
    • An Associate's degree plus seven (7) years of specialized experience; OR
    • A major certification plus seven (7) years of specialized experience; OR
    • 11 years of specialized experience.
  • OR, one of the following Certifications:
    • Cisco Certified CyberOps Associate (CBROPS)
    • CertNexus CyberSec First Responder (CFR)
    • Cybersecurity Analyst (CySA+)
    • GIAC Certified Forensic Analyst (GCFA)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Global Industrial Cyber Security Professional (GICSP)
• Additionally , c andidates must also possess at least one of the following certifications:
  
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Cyber Threat Intelligence (GCTI)
  • GIAC Defensible Security Architecture (GDSA)
  • GIAC Certified Detection Analyst (GCDA)
  • GIAC Reverse Engineering Malware (GREM)
  • Blue Team Level 2
  • Microsoft Certified: Cybersecurity Architect Expert
  • Zero Point Red Team Ops (RTO)
  • OffSec Defense Analyst (OSDA)

Required Experience:

• Experience in performing threat analysis of computer vulnerability advisories, current network penetration techniques, and threat reports to determine security concerns and design improvements to strengthen the computer network's defensive posture.
• Expert level knowledge of network logs such as but not limited to firewall, PCAP, NetFlow, Zeek, DNS, and web proxy.
• Experience in reviewing and correlating alerts, user activity, and network traffic data for anomalous activity or other indications of real or potential violations.
• Ability to review network diagrams and topologies to determine potential vulnerabilities and logging gaps.
• Ability to analyze RAM and Microsoft System Dumps for anomalous and malicious activity.
• Develop and distribute cyber threat awareness products which articulate findings to both technical and non-technical audiences.
• DCWF Proficiency Level: Advanced - Cybersecurity (Defense Analyst) (511).

Clearance Requirement:

• This position requires an active Top Secret / Sensitive Compartmented Information (TS / SCI) Security Clearance.

Skills & Technology Used:

• ArcSight, AESS, JRSS, IronPort, Security Onion, Gabriel Nimbus BDP.

At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.