Dragonfli Group
Cyber Threat Analyst
Dragonfli Group is a cybersecurity and IT consulting firm providing services to federal agencies and Fortune 100 enterprises. They are seeking a highly experienced Senior Cyber Threat Analyst to enhance automation strategies in threat detection and incident response.
Cyber Security · Information Technology · Risk Management
Responsibilities
Incident Management & Triage: Perform triage on security escalations and detections to determine scope, severity, and root cause; monitor cybersecurity events and investigate incidents efficiently
Automation & Engineering: Identify, recommend, and implement automation use cases leveraging AI/ML capabilities to accelerate response times
SOAR Implementation: Support the deployment, configuration, testing, and maintenance of the Security Orchestration, Automation, and Response (SOAR) platform, specifically focusing on SentinelOne and Splunk integrations
Detection Tuning: Create and modify detection rules, signatures, and alerts across SIEM and EDR platforms (Splunk and SentinelOne) to reduce false positives and enhance fidelity
Data Analysis & Dashboarding: Analyze alerts from Cloud, SIEM, EDR, and XDR tools; build and maintain comprehensive dashboards and perform complex queries to support decision-making
Vulnerability & Risk Assessment: Perform vulnerability assessments of discovered CVEs against agency systems and analyze network traffic to provide actionable security recommendations
Framework Implementation: Apply security frameworks such as MITRE ATT&CK and NIST to interpret use cases into actionable monitoring solutions
Communication: Effectively communicate technical findings to non-technical audiences and influence stakeholders to comply with security standards and best practices
Qualifications
Required
7+ years of experience with security operations, threat hunting, and incident response
Experience analyzing alerts from Cloud, SIEM, EDR, and XDR tools and with the alert tuning process, preferably on SentinelOne, Armis, and Splunk
Experience in configuring network devices and analyzing network traffic
Experience with Artificial Intelligence and Machine Learning (AI/ML) based security tools
Experience in researching, developing, and implementing SOAR use cases
Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms
Familiarity with cybersecurity operations center functions
Experience configuring and re-configuring security tools, including SentinelOne and Splunk
Experience implementing security frameworks such as MITRE ATT&CK and NIST, and the ability to interpret use cases into actionable monitoring solutions
MUST hold one or more of the following certifications: CISSP, CISA, CISM, GIAC, RHCE
Preferred
Candidates with previous federal contracting experience are preferred
Benefits
Insurance – health, dental, and vision
Paid Time Off (PTO) and 11 Federal Holidays
401(k) employer match