Cyber Security Threat Analyst

About the Role:

We are seeking a highly motivated and experienced Senior Cyber Security Engineer to join our team. As a key member of our cybersecurity team, you will play a critical role in detecting and analyzing cyber threats to ensure the security and integrity of our systems.

Responsibilities:

• Support the development and implementation of cybersecurity tool signatures to detect and prevent cyber threats.
• Analyze complex cyber threats, including reverse malware engineering, to identify potential vulnerabilities and develop mitigation strategies.
• Formulate custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address emerging threats.
• Perform security event and incident correlation using information gathered from various sources within the enterprise.
• Analyze and assess damage to data and infrastructure resulting from cyber incidents.
• Conduct trend analysis and reporting on cyber incidents to inform mitigation strategies.
• Characterize and analyze network traffic and system data to identify anomalous activity and potential threats to resources.
• Provide detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities.
• Create and deploy threat-based signatures for operational intrusion detection capabilities.
• Develop and implement detection rules from intelligence reporting.

Requirements:

• Bachelor's degree or 4 additional years of experience.
• Minimum 5 years of related experience.
• Experience with modern operating systems, databases, and virtual computing.
• Experience with Splunk.
• DoD 8570 certification meeting IAT Level II (GSEC, Security , SSCP, or CCNA-Security) required.
• Experience performing analysis of network traffic and correlating diverse security logs to inform signature development.
• Knowledge of counter-measure implementation and mitigating controls.
• Ability to support incident response and forensic operations as required, including static/dynamic malware analysis and reverse engineering.
• Experience with enterprise security tools, including SIEM, TIPs, or Network monitoring tools.
• Experience creating, modifying, tuning, IDS signatures/SIEM correlation searches and other detection signatures.