Cyber Threat Analyst - Arlington, United States - Node


    4 weeks ago

    Description
    Cyber Threat Analyst

    Location:
    Arlington, VA

    Must have Top Secret Clearance
    Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution.

    Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services.

    Node is seeking a Cyber Threat Analyst to support this critical customer mission.

    Responsibilities:

    • Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
    • Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation-state threat actors to identify and validate threats
    • Applying cybersecurity concepts to the detection and defense of intrusions into small- and large-scale IT networks
    • Conducting cursory analysis of log data
    • Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
    • Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident
    • Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts
    • Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
    • Working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents
    • Providing support during assigned shifts

    Required Skills:

    • U.S. Citizenship
    • Must have an active TS/SCI clearance
    • Must be able to obtain DHS Suitability
    • 2+ years of directly relevant experience in cyber incident management or cybersecurity operations
    • Knowledge of incident response and handling methodologies
    • Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize the triaging of incidents
    • Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
    • Skill in recognizing and categorizing types of vulnerabilities and associated attacks
    • Knowledge of basic system administration and operating system hardening techniques
    • Knowledge of Computer Network Defense policies, procedures, and regulations
    • Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second-generation [non-nation-state sponsored], and third-generation [nation-state sponsored])
    • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
    • Must be able to work collaboratively across physical locations

    Desired Skills:

    • Knowledge of basic system administration and operating system hardening techniques
    • Knowledge of Computer Network Defense policies, procedures, and regulations
    • Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second-generation [non-nation-state sponsored], and third-generation [nation-state sponsored])
    • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

    Required Education:
    BS in Incident Management, Operations Management, Cybersecurity, or related degree. HS Diploma with 4-6 years of incident management or cybersecurity experience.

    Company Overview:
    Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

    Our Core Values help us in our mission. They include:

    • Identifying the RIGHT PEOPLE and developing them to their full capabilities
    • Our customer's "Mission" is our "Mission". Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner
    • We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence
    • Our mantra is "Simple*Secure*Speed" in the delivery of innovative services and solutions

    We are proud to offer competitive compensation and benefits packages to include:

    • Medical
    • Dental
    • Vision
    • Basic Life
    • Long-Term Disability
    • Health Saving Account
    • 401K
    • Three weeks of PTO
    • 10 Paid Holidays
    • Pre-Approved Online Training
