Cyber Hunt - Threat Analyst

Clearance: TS/SCI security clearance required

Location: Charleston, SC 

Position Type: Full-Time

The contractor shall provide support for the ongoing analysis of threats capable of impacting resources being serviced by the NSOC CNDSP activity based on review of programmatic, technical, and IA Certification and Accreditation documentation and daily review of open source / unclassified and classified threat warnings and bulletins.

Performs cyber intelligence gathering and analysis of threats, including nation-state sponsored threats, for a large organization. Actively provides in-depth incident analysis. Evaluates security incidents and performs research. Monitors, analyzes and correlates network traffic utilizing the latest in security tools and technology. Reviews threat data from various sources; coordinates with federal leadership, as well as government agencies, to provide reporting and situational awareness.

  • Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation and databases produced by the U.S. Government (USG), Department of Defense (DoD) and Intelligence Community (IC).
  • Conducts research on emerging security threats; provides correlation and trending of cyber incident activity.
  • Maintains knowledge of adversary activities, including intrusion set tactics, techniques and procedures (TTP).
  • Maintains Situational Awareness and reports on advanced threats, including Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
  • Communicates events to agencies regarding intrusions and compromises to network infrastructure, applications and operating systems; assists with implementation of counter-measures and mitigating controls.
  • Analyzes relevant cyber security event data for attack indicators and breaches that may yield detection/prevention content.
  • Prepares cyber threat assessments based on threat analysis, coordinates cyber threat tracking with other organizations and the government; assists in developing reports, briefings and assessments to facilitate the understanding of cyber threats.
  • Provides expert quality network traffic (PCAP) and NetFlow analysis.
  • Experience with multiple programming languages.
  • Experience in software reverse engineering or software development.
  • In-depth knowledge of IDA Pro/Debuggers.
  • In-depth knowledge of dynamic/static malware analysis and memory analysis.
  • In-depth knowledge of Windows Operating System Internals (Kernel, Registry, File System, Windows APIs).
  • Supports SOC analysis and incident response as needed.
  • Creates and maintains Standard Operating Procedures and other documentation as needed.

A qualified candidate should also have excellent analytical and problem-solving skills, as well as interpersonal skills to interact with customers, team members and upper management, and should be skilled in Incident Response and network security monitoring. Strong writing skills highly desired. Technically proficient in network communication using TCP/IP protocols, with system administration knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch). Knowledgeable of Windows, Linux and Cisco operating systems, networking, and information security. Experience with EnCase, Splunk, McAfee NSM, Fidelis, and SourceFire is desirable.

***Obtain and maintain compliance with applicable DoD 8570.01-M requirements.  Cyber threat analyst support requires at least IAT Level II and CND Analyst certifications.
