Cyber Threat Analyst (Hybrid)
A.C. Coy
Falls Church, Virginia
Apply
JOB DETAILS
LOCATION
Falls Church, Virginia
POSTED
30+ days ago
- Tier One Technologies is looking for a Cyber Threat Analyst to work with our direct US Government client.
- This hybrid Contract-to-Hire position will be located in Falls Church, VA.
- SELECTED CANDIDATES WITHOUT REQUIRED CLEARANCE WILL BE SUBJECT TO A FEDERAL GOVERNMENT BACKGROUND INVESTIGATION TO RECEIVE IT.
- Responsible for performing triage on all security escalations and detections to determine scope, severity, and root cause.
- Monitor cyber security events, detecting incidents, and investigating incidents.
- Identify, recommend strategies, develop, and implement automation use cases leveraging AI/ML capabilities.
- Support deploying, configuring, testing, and maintaining Security Orchestration, Automation, and Response (SOAR) platform, and tools integrated with AI/ML capabilities to enhance threat detection, analysis and response.
- Develop, test and Implement dynamic Risk-Based Alerting (RBA).
- Identify and develop RBA and identifying use cases for SOAR and AI/ML.
- Monitor and analyze alerts from various sources such as IDS/IPS, Splunk, Tanium, MS Defender, SentinelOne and Cloud security tools leveraging SOAR and AI/ML capabilities, and provide recommendation for further tuning of these alerts when necessary.
- Analyze network traffic utilizing available tools and provide recommendations.
- Perform vulnerability assessments of recently discovered CVEs against internal systems and network.
- Assist in the process of configuring or re-configuring the security tools.
- Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, UNIX, Linux, as well as embedded systems and mainframes.
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements
Provide support to contract Program Manager, as necessary. - Effectively communicates technical information to non-technical audiences.
- Influence others to comply with policies and conform to standards and best practices.
- Bachelor's or Master's Degree in Computer Science, Information Systems, or other related fields.
- 8+ years of experience with security operations, threat hunting, and incident response
- Experience in analyzing alerts from Cloud, SIEM, EDR, and XDR tools, and alerts tuning process with preference on SentinelOne, Armis, and Splunk.
- Experience in configuring network devices and analyzing network traffic
- Experience with Artificial Intelligence and Machine Learning (AI/ML) based security tools.
- Experience in researching, developing, and implementing SOAR use cases.
- Familiarity with Security Orchestration, Automation, and Response (SOAR) platform.
- Familiarity with cybersecurity operation center functions.
- Experience configuring and re-configuring security tools, including SenintelOne and Splunk.
- Experience implementing Security frameworks, such as MITRE ATT&CK and NIST, and can interpret use cases into actionable monitoring solutions.
- CERTIFICATIONS (One or more required): CISSP or CISA or CISM or GIAC or RHCE.
- Excellent oral and written communication skills.
- Must be able to obtain a Position of Public Trust Clearance.
- All candidates must be a US Citizen or have permanent residence status (Green Card).
- Candidate must have lived in the United States for the past 5 years.
- Cannot have more than 6 months travel outside the United States within the last 5 years. Military Service excluded.
About the Company
A