Cyber Operations Analyst - Threat Management Specialist Tier 2 jobs in United States

phia, LLC · 5 hours ago

Cyber Operations Analyst - Threat Management Specialist Tier 2

phia, LLC is a Northern Virginia based small business focused on Cyber Intelligence and Cyber Security. They are seeking a Threat Management Specialist (Tier 2) to perform incident analysis, correlate security data, and enhance CSOC efficiency through AI/ML technologies.

Cyber Security, Information Technology, Small and Medium Businesses
No H1B; U.S. Citizen Only

Responsibilities

Identify cybersecurity issues and recommend appropriate mitigating controls
Analyze network traffic to detect exploit attempts, intrusions, and anomalous activity
Recommend and develop detection mechanisms for exploit and intrusion‑related threats
Provide subject matter expertise on network-based attacks, traffic analysis, and intrusion methodologies
Escalate complex items requiring deeper investigation to senior members of the Threat Management team
Execute operational processes in support of incident response activities
Utilize AI/ML‑based tools to detect anomalies, automate triage, and enhance threat intelligence operations
Perform threat intelligence research and analysis, using ML‑enhanced tools to assess risk and adapt defenses
Manage email security with ProofPoint, monitor for threats, and respond to attacks promptly
Configure and use Splunk for log analysis, alert creation, event monitoring, and incident investigation
Configure and use FirePower for network monitoring, traffic analysis, and enforcement of security policies
Deploy and manage SentinelOne agents, monitor alerts, and perform host‑based security assessments
Monitor and respond to alerts across platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud SCC
Perform threat detection, investigate suspicious activity, coordinate incident response, and implement remediation
Tune security policies and maintain visibility across cloud and endpoint environments
Support continuous improvement of the organization’s security posture
Stay current on cybersecurity trends, threat actors, and advancements in AI/ML research
Identify, recommend, and implement automation use cases—leveraging AI/ML to enhance SOC capabilities
Collaborate with operations teams to drive SOC enhancements through automation and AI integration

Qualification

Threat detection, Network traffic analysis, Incident response, AI/ML technologies, IDS/IPS technologies, Cloud security, SOAR platforms, Data analysis, Automation use cases, Communication skills, Interpersonal skills, Organizational skills

Required

Cybersecurity professional with 3+ years of IT security experience, including exposure to AI/ML projects
2+ years of experience in network traffic analysis
Strong working knowledge of Boolean logic, TCP/IP fundamentals, threat management, and network‑level exploits
Experienced with IDS/IPS technologies, architectures, and signature development (signature‑ and anomaly‑based detection)
Skilled in cloud security across AWS, Azure, and GCP environments
Hands‑on experience using SOAR platforms and supporting cybersecurity automation
Proficient in using ML frameworks to develop, train, and deploy models for anomaly detection or behavioral analysis
Strong data analysis and feature engineering skills across logs, network traffic, and large datasets
Familiar with AI/ML use cases in cybersecurity such as automated threat detection, incident response automation, and predictive analytics
Knowledgeable in applying control frameworks and risk management techniques
Excellent oral and written communication skills with strong interpersonal and organizational abilities
Experience evaluating AI/ML solutions within SOC environments is a plus
Understanding and experience identifying and implementing automation use cases
BA/BS in Cybersecurity, Computer Science, Information Technology, or a related field or equivalent hands‑on experience
Relevant certifications such as GCED, GSEC, CISSP, or SSCP desired
3+ years of IT security experience with exposure to AI/ML projects
2+ years of network traffic analysis
U.S. Citizenship required
Ability to obtain Public Trust clearance

Preferred

Experience tuning and maintaining IDS/IPS technologies
Cloud security experience across AWS, Azure, and GCP
Hands‑on SOAR platform experience
Machine learning model development for threat detection and analytics
Advanced network traffic analysis and evidence‑based recommendations
Experience performing threat intelligence analysis using ML‑enhanced tools
Strong understanding of IDS/IPS signature creation and detection methodologies

Benefits

Medical Insurance
Dental Insurance
Vision Insurance
Life Insurance
Short Term & Long Term Disability
401k Retirement Savings Plan with Company Match
Paid Holidays
Paid Time Off (PTO)
Tuition and Professional Development Assistance

Company

phia, LLC

phia LLC is a Northern Virginia based small business that was established in 2011.

Funding

Current Stage
Early Stage
Company data provided by crunchbase