Cyber Threat Analyst Associate

LED FastStart
Bossier City, LA
Hybrid

About The Position

Advance your career while impacting our national security in cyber as a Cyber Threat Analyst Associate at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government. The Cyber Threat Analyst Associate is directly responsible for the first-level monitoring, triage, and communication of security events received into the SOC. Analysts will use SIEM technology to triage alerts as they enter the SOC from network and security systems/applications, the client, and/or from intelligence sources. Furthermore, the Analyst may be required to both monitor and utilize third-party toolsets in the client environment to assist with the identification of security threats. As a member of the cloud services team, the Cyber Threat Analyst Associate will perform Level 1 triage and escalation to support SOC operations, as detailed under Responsibilities below.

Requirements

  • Experience working within a wide range of environments to include Linux, UNIX, Windows in addition to a strong understanding of networking, the OSI model, and TCP/IP protocols
  • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
  • Technical Training, Certification, or Degree
  • 0+ years related experience
  • Knowledge of information security event monitoring and detection and NID monitoring and incident response; Cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks); Attack methods and techniques (e.g., DDoS, brute force, spoofing, etc.)
  • Knowledge of IPS/IDS, managing cases with enterprise SIEM systems (e.g., SentinelOne, Splunk) and other network security tools
  • Familiarity with Federal and DoD security standards such as NIST, DCID, CNSS and DoD 8500
  • Exposure to Windows and Linux OS to include knowledge of the command line interface
  • Knowledge of IDS/IPS, penetration and vulnerability testing, DLP, anti-virus and anti-malware, TCP/IP, computer networking, routing and switching
  • Understanding of computer networking fundamentals, network traffic analysis methods, and ability to review and analyze network packet captures
  • Understanding of e-mail security fundamentals

Responsibilities

  • Provides technical support on post event network security logs and trend analysis to uncover security and compliance violations
  • Detects the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others)
  • Pinpoints location of compromised systems and devices, and conducts cyber incident and event monitoring identifying anomalous and malicious activity
  • Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches
  • Associates and correlates IP address related events with specific systems or devices in the IT infrastructure
  • Identifies and analyzes intelligence information about threats to customer’s information processing systems
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through triage of events utilizing relevant event detail and summary information
  • Ensures the integrity and protection of networks, systems, and applications through monitoring of security devices; reacts to customer escalations
  • Observes and documents actions taken by malicious actors in customer networks and contributes to content creation

Benefits

  • 401K with company match
  • Competitive pay
  • Paid time off
  • Variety of medical plan options
  • Health Savings Accounts
  • Dental plan options
  • Vision plan
  • Full flex work weeks where possible
  • Variety of paid time off plans, including vacation, sick and personal time
  • Holidays
  • Paid parental leave
  • Military leave
  • Bereavement leave
  • Jury duty leave
  • Short and long-term disability benefits
  • Life insurance
  • Accidental death and dismemberment insurance
  • Personal accident insurance
  • Critical illness insurance
  • Business travel and accident insurance