Threat Analyst

KeyW Corporation

Post Date: Feb 26, 2019
Location: Columbia, Maryland
Security Clearance: Top Secret - SCI
Job Type: Permanent
Start Date: - n/a -
Salary: - n/a -
Job Reference: 2019-19476

KeyW is seeking passionate professionals skilled in the art of Cyber Security. Analysts should be familiar with a wide range of Computer Network Defense (CND) tools and capabilities. Analysts are instrumental in detecting and responding to threats and in assisting with forensic investigations. You must be capable of developing detection analytics in several different tools. Are you looking for a fast-paced environment filled with exciting challenges? Are you looking for a job that allows for growth in many skill sets? This is it!

Responsibilities Include:
Reports to SOC Team Lead
Develop threat analytics to aid in detection of emerging threats
Incident Response Team Member: assist with findings, remediation, and review of events
Daily checks for CTOC services
Research on emerging threats using open source data sets
Splunk Analysis:
  Review and analyze alerts (close alerts with speed and efficiency)
  Conduct threat hunting when no open alerts are available
  Create data correlations and alerts based on discovered activity
  Review elevated alerts from Jr Network Threat Support Specialists (JNTSS), Tier 1
  Elevate critical alerts for Tier 3 analysis
Bro Analysis:
  Custom rule set testing and creation
  Review and analyze alerts
  Review Bro logs for anomalous activity in support of hunting activity
Snort Analysis:
  Testing and review of rules to ensure proper execution against network traffic
  Review and analyze alerts
Packet Analysis:
  Deep packet inspection in support of hunting activity
Exercise Execution:
  Participate in RED/BLUE exercises and report after-action recommendations to the Team Lead
Desired Skills:
Familiar with network terminology and protocol behavior
Familiar with open source CND tools (Bro, Snort, ELK, Moloch)
Familiar with rule creation based on signature and behaviors
Familiar with Encase, FTK or other forensic suites
Familiar with memory forensics
Familiar with scripting and automation tools and techniques
Familiar with AWS, Azure and Google Cloud functionality and networking
Skilled in *Nix, Windows
Skilled in Analysis
Skilled in report writing and briefing senior staff
Experience and Education:
3+ years of experience in analysis in SOCs or a similar Computer Network Defense (CND) capacity (or comparable skills)
5+ years of experience supporting clients in IT Security, Cyber Security or Information Security
Experience with at least one of the following tools: Bro, Snort, Splunk or a similar SIEM
Required: valid IAT Level II (DoD 8140) certification
Preferred: valid CSSP Analyst or CSSP Incident Responder (DoD 8140) certification
