phia, LLC · 3 hours ago
Cyber Threat Analyst - Detection Automation and Engineering
phia, LLC is a Northern Virginia based small business focused on Cyber Intelligence and Cyber Security. They are seeking a Cyber Threat Analyst to support cybersecurity integration efforts, performing triage, threat detection, incident analysis, and automation development leveraging AI/ML capabilities.
Cyber Security, Information Technology, Small and Medium Businesses
Responsibilities
Perform triage on all security escalations and detections to determine scope, severity, and root cause
Monitor cybersecurity events, detect potential incidents, and conduct detailed investigations
Identify, recommend, develop, and implement automation use cases leveraging AI/ML technologies
Support deployment, configuration, testing, and maintenance of Security Orchestration, Automation, and Response (SOAR) platforms and AI/ML‑enabled tools to strengthen detection and response
Provide ongoing support to the Program Manager as required
Communicate complex technical information clearly to non‑technical audiences
Influence stakeholders to comply with cybersecurity policies, standards, and best practices
Qualifications
Required
Cybersecurity professional with 7+ years of experience in security operations, threat hunting, and incident response
Experienced analyzing alerts from Cloud, SIEM, EDR, and XDR tools—preferably SentinelOne, Armis, and Splunk
Skilled in configuring network devices and analyzing network traffic
Familiar with cybersecurity operations center (SOC) functions and enterprise security workflows
Experienced working with AI/ML‑based security tools and developing SOAR use cases
Proficient in configuring or re‑configuring tools such as SentinelOne and Splunk
Knowledgeable in applying frameworks such as MITRE ATT&CK and NIST to develop actionable monitoring solutions
Must hold at least one of the following certifications: CISSP, CISA, CISM, GIAC, RHCE
BA/BS in Cybersecurity, Computer Science, Information Technology, or a related field or equivalent hands‑on experience
7+ years supporting enterprise security operations, detection engineering, and incident response
Extensive experience with SIEM/EDR/XDR platforms, network analysis, and security automation
U.S. Citizenship required
Ability to obtain Public Trust clearance
Preferred
Developing, testing, and implementing Risk‑Based Alerting (RBA)
Identifying RBA‑driven use cases and SOAR/AI‑ML automation opportunities
Monitoring and analyzing alerts from IDS/IPS, Splunk, Tanium, MS Defender, SentinelOne, and cloud security tools with recommendations for tuning
Analyzing network traffic and providing evidence‑based recommendations
Conducting vulnerability assessments of recently disclosed CVEs across enterprise systems
Assisting with configuration or re‑configuration of enterprise security toolsets
Performing host‑based analysis across diverse operating systems including Windows, Linux, UNIX, embedded systems, and mainframes
Developing signatures for deployment across cybersecurity defense tools based on observed or emerging threats
Testing, evaluating, and verifying hardware/software to validate compliance with requirements
Benefits
Medical Insurance
Dental Insurance
Vision Insurance
Life Insurance
Short Term & Long Term Disability
401k Retirement Savings Plan with Company Match
Paid Holidays
Paid Time Off (PTO)
Tuition and Professional Development Assistance
Company
phia, LLC
phia LLC is a Northern Virginia based small business that was established in 2011.
Funding
Current Stage
Early Stage