ICS-SCADA Cyber Threat Analyst

About The Position

Requirements

• Bachelor’s Degree in computer science, international relations, information security, or a related field.
• Minimum of Seven (7+) years’ experience working in the areas of intelligence, information security, network forensics or insider threat with focus on Industrial Control Systems/Supervisory Control and Data Acquisition (ICS/SCADA) systems.
• Subject matter expertise understanding the unique components, protocols, and architectures of ICS/SCADA systems.
• Ability to understand data in various formats to extract and enrich information to enhance its value.
• Experience working with development teams to articulate requirements/enhancements to capabilities and tools.
• Experience with XKS creating general queries, fingerprinting, and identifying atypical events.
• Experience with Elastic/Splunk/ or other Security Information and Event Management (SIEM) experience creating visualizations and dashboards.
• Understanding of TCP/IP communication protocols and packet flows based on IP traffic; analysis of Packet Capture (PCAP) traffic in Wireshark
• Familiarity writing signatures in Zeek and/or Snort
• U.S. Citizenship
• Active TS/SCI security clearance with polygraph

Nice To Haves

• Master’s Degree is preferred but not required.

Responsibilities

• Conducting continuous research on emerging threats and threat actor activity to identify and assess the capabilities and activities of cyber criminals and/or foreign intelligence entities.
• Analyzing data and prioritizing vulnerabilities with the goal to prevent and eradicate threats to critical U.S. systems.
• Document findings and create detailed reports to ensure tradecraft is continually updated.
• Present results to technical and non-technical stakeholders.

Benefits

• medical
• dental
• vision
• paid time off
• 401(k)
• life insurance
• flexible work schedules
• holidays