Apply on Employer Site

Leidos · 2 months ago

Cyber Threat Intel Analyst

Ashburn, VA

Full-time

Onsite

Mid, Senior Level

$85K/yr - $154K/yr

5+ years exp

Leidos is a prominent company in the cybersecurity domain, seeking a Cyber Threat Intel Analyst to enhance the security of the U.S. Department of Homeland Security's networks. The role involves conducting cyber threat analysis, maintaining situational awareness of emerging threats, and providing support during incident response activities.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Will conduct cyber threat analysis, identifying mitigation and/or remediation courses of action; developing actionable intelligence used to protect organizational IT assets; and trending cyber threat metrics for leadership situational awareness

Responsible for maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and/or activities to enhance cybersecurity posture of an the organization’s IT operating environment

Identify, track and investigate, and write technical products for dissemination to stakeholders regarding high priority threat campaigns, malicious actors, APTs, emerging threats, etc

Bring a comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cybersecurity posture of the organization’s IT operating environment

Provide support to the Security Operations Center during incident response and threat intelligence activities that includes cyber threat analysis support, research, recommending relevant remediation and mitigation

Will be responsible for developing scripts to support cyber threat detection that outputs results in a variety of formats, such as VB scripts, Python, C++, HTML, XML or other type most appropriate for the task

Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency

Producing high quality technical and non-technical products, briefings, whitepapers, etc., with minimal supervision and emphasis on effective/accurate reporting on product topics

Maintain situational awareness of emerging threats, zero days, vulnerabilities and other threats against customer systems, networks, and assets

Process technical data from various sources and fuse the data with intelligence reporting to improve the security posture of the customer, as well as manage Threat Intelligence tools security tools such as Analyst1

Qualification

Cyber threat analysisSecurity monitoring solutionsScripting PythonScripting VBScripting C++Technical analysisThreat intelligence toolsEffective reportingSituational awarenessSelf-starter

Required

The candidate must currently possess a Top Secret Clearance Eligibility with the ability to obtain a TS/SCI. In addition to clearance requirement, all CBP personnel must have a current or be able to favorably pass a 5-year background investigation (BI)

BS in IT related field or higher and 4-8 years' experience in an information technology field with a minimum of 5 years of experience as a Tier II senior cyber security analyst performing intelligence analysis, collection management, and technical analysis. Additional years of experience or certs may be considered in lieu of a degree

3+ years of recent experience with host-based and network-based security monitoring solutions and to include security content recommendation or development (host based and network signatures)

2 years recent experience with host-based and network-based security monitoring using cybersecurity capabilities

Must be experienced developing scripts to support cyber threat detection that outputs results in a variety of formats, such as VB scripts, Python, C++, HTML, XML or other

Ability to work independently with minimal direction; self-starter/self-motivated

The candidate should have at minimum ONE of the following certifications prior to starting on contract: Certified Information System Security Professional (CISSP), SANS - GCIA – Intrusion Analyst, SANS - GREM – Reverse Engineering Malware, SANS - GISF – Security Fundamentals, SANS - GXPN – Exploit Researcher and Advanced Penetration Tester, SANS - GMON – Continuous Monitoring Certification, OSCP (Certified Professional), OSCE (Certified Expert), OSWP (Wireless Professional), OSEE (Exploitation Expert), CCSP – Certified Cloud Security Professional, LPT – Licensed Penetration Tester, ECSA – EC-Council Certified Security Analyst, Cyber Analyst Course

Preferred

A minimum of five (5) years of hands-on experience with experience in the last two (2) years that includes host-based and network based security monitoring using cybersecurity capabilities

Previous DOD, IC or Law Enforcement Intelligence or Counter Intelligence Training/Experience

Knowledge of Structured Analytic Techniques

Degree in Applied Intelligence or Advanced Degree in Cyber Security or related field