Cyber Threat Fusion Analyst
Company: Grindstone
Location: Alexandria
Posted on: May 16, 2022
Job Description:
Grindstone is an innovative, Minority-Owned Small Business
specializing in providing cutting-edge solutions to businesses and
government agencies in the Mid-Atlantic region. Our client is
looking for a Cyber Threat Fusion Analyst. If interested after
reviewing the description below, please apply and someone from the
Grindstone team will reach out to you.
Responsibilities
- Implement the core Threat Intelligence concepts (ex. Cyber Kill
Chain, MITRE ATT&CK, DoDCAR).
- Produce reporting for new or emerging threats and threat
vectors.
- Utilize SIEM technologies to correlate security events and logs
and identify threats.
- Incorporate threat intelligence into countermeasures to detect
and prevent intrusions and malware infections.
- Identify threat actor tactics, techniques and procedures and,
based on indicators, develop custom signatures and blocks.
- Understand and employ the MITRE ATT&CK Matrix.
- Recognize what you'll need to know to prevent or identify APT
intrusions
- Identify network architectures and select network
components
- Understand concepts of log and packet analysis
- Navigate the command line using specific expressions to
manipulate data
- Handle and organize disparate data about detections, attacks,
and attackers
- Employ discovery techniques and vetting of new
intelligence.
- Create Situational Awareness Reports and Threat Briefs
Required Skills
- Must possess an active TS/SCI security clearance.
- Bachelor's Degree in Computer Science, Computer Engineering, or
related field and 8+ years of prior relevant experience; additional
years of experience may be substituted in lieu of a degree.
- Computer defense technologies spanning endpoint, network, and
open source
- Cyber Kill Chain or MITRE ATT&CK experience.
- Threat actor TTP and indicator identification using large data
sources.
- Have a strong understanding of how enterprise endpoint and
network components contribute to Threat Intelligence and adversary
detection.
- 8570 IAT II certification is required prior to start.
- An 8570 CSSP-Analyst certification is preferred at hire. If you
do not already hold one, it must be obtained within 6 months of
your start date.
Desired Skills
- Experience working for a Cybersecurity Service Provider (CSSP)
or Security Operations Center (SOC)
- Experience using a prominent Security Information and Event
Management (SIEM) (ex. Splunk, Elasticsearch, ArcSight,
QRadar)
- Custom signature development experience.
- Packet analysis experience.
Work Set-up and Location
Hybrid
Virginia (Northern), Alexandria
Education And Years Of Experience
Bachelor's Degree in Computer Science, Computer Engineering or
related field and 8+ years of prior relevant experience; additional
years of experience may be substituted in lieu of a degree.