A.C.Coy Company · 11 hours ago
Cyber Threat Analyst (Hybrid)
Falls Church, VA, US
Full-time
Hybrid
Senior Level, Lead/Staff
8+ years expA.C.Coy Company is seeking a Cyber Threat Analyst to work with a direct US Government client in a hybrid Contract-to-Hire position located in Falls Church, VA. The role involves monitoring and analyzing security events, performing triage on escalations, and implementing automation strategies leveraging AI/ML capabilities to enhance threat detection and response.
Information Technology & Services
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Responsible for performing triage on all security escalations and detections to determine scope, severity, and root cause
Monitor cyber security events, detecting incidents, and investigating incidents
Identify, recommend strategies, develop, and implement automation use cases leveraging AI/ML capabilities
Support deploying, configuring, testing, and maintaining Security Orchestration, Automation, and Response (SOAR) platform, and tools integrated with AI/ML capabilities to enhance threat detection, analysis and response
Develop, test and Implement dynamic Risk-Based Alerting (RBA)
Identify and develop RBA and identifying use cases for SOAR and AI/ML
Monitor and analyze alerts from various sources such as IDS/IPS, Splunk, Tanium, MS Defender, SentinelOne and Cloud security tools leveraging SOAR and AI/ML capabilities, and provide recommendation for further tuning of these alerts when necessary
Analyze network traffic utilizing available tools and provide recommendations
Perform vulnerability assessments of recently discovered CVEs against internal systems and network
Assist in the process of configuring or re-configuring the security tools
Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, UNIX, Linux, as well as embedded systems and mainframes
Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave
Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements
Provide support to contract Program Manager, as necessary
Effectively communicates technical information to non-technical audiences
Influence others to comply with policies and conform to standards and best practices
Qualification
Required
Bachelor's or Master's Degree in Computer Science, Information Systems, or other related fields
8+ years of experience with security operations, threat hunting, and incident response
Experience in analyzing alerts from Cloud, SIEM, EDR, and XDR tools, and alerts tuning process with preference on SentinelOne, Armis, and Splunk
Experience in configuring network devices and analyzing network traffic
Experience with Artificial Intelligence and Machine Learning (AI/ML) based security tools
Experience in researching, developing, and implementing SOAR use cases
Familiarity with Security Orchestration, Automation, and Response (SOAR) platform
Familiarity with cybersecurity operation center functions
Experience configuring and re-configuring security tools, including SenintelOne and Splunk
Experience implementing Security frameworks, such as MITRE ATT&CK and NIST, and can interpret use cases into actionable monitoring solutions
CERTIFICATIONS (One or more required): CISSP or CISA or CISM or GIAC or RHCE
Excellent oral and written communication skills
Must be able to obtain a Position of Public Trust Clearance
All candidates must be a US Citizen or have permanent residence status (Green Card)
Candidate must have lived in the United States for the past 5 years
Cannot have more than 6 months travel outside the United States within the last 5 years. Military Service excluded
Company
A.C.Coy Company
The A.C.Coy Company is a national staffing and consulting firm.
51-200 employees
Funding
Current Stage
Growth StageCompany data provided by crunchbase