- Identify emerging cyber threats, vulnerabilities, trends, and recommend countermeasures.
- Gather data from internal networks and external sources to monitor known threat activity.
- Create actionable intelligence on current and developing threats by analyzing threat actor TTPs.
- Create threat analysis reports as requested for both activity identified and tailored threats/technologies as requested.
- Proactively gather, analyze, and disseminate timely and accurate CTI to support operational decision-making.
- Develop new analytics and apply mitigations for adversary Tactics, Techniques, and Procedures (TTPs).
- Perform threat Hunts for undetected indicators of compromise.
- Collaborate with internal and external stakeholders to mitigate cyber threats.
- Conduct in-person and virtual briefings on vulnerabilities or threat actors.
- Identify intelligence gaps, specify collection requirements to fill gaps in information, and evaluate resulting intelligence requirements.
- Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or a PhD with 3 years' experience; or equivalent combination of related education and work experience.
- Ability to work both independently and as part of a collaborative team.
- Must be detail oriented and able to assist with incident investigation processes.
- Must have good analytical, written, verbal, and interpersonal communication skills.
- Stays current on emerging security threats, vulnerabilities, and controls as it pertains to our cloud presence.
- Must be able to be granted & hold a Secret clearance.
- Explores patterns in network and system activity through log correlation using Splunk and other tools.
- This position requires a minimum of 50% hybrid on-site.
- Knowledge of advanced Cyber Security concepts.
- Familiarity with Linux, Mac, and Windows Operating Systems.
- Familiarity with adversary tactics, techniques, and procedures (TTPs).
- Understanding of various threat intelligence frameworks such as the Diamond Model, Cyber Kill Chain and MITRE ATT&CK.
- Scripting experience, preferably with Python.
- Experience with Splunk or Elastic Search.
- Able to demonstrate clear technical understanding of current threats and how they can impact cloud and IT infrastructure.
- Ability to take initiative and accountability for achieving results.
- Ability to develop alerts and analytics for proactive monitoring in cloud and on-prem environments.
- Experience evaluating enterprise networks for IA/security vulnerabilities.
- Experience on an Incident Response team performing Tier I/II initial incident triage.
- Conduct research and analysis of technical vulnerabilities including evaluating prevalence, exploitability, and cyber threat actor affiliations.
Lead InfoSec Operations Analyst - McLean, United States - MITRE
Description
Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.
Department Summary:
MITRE's Information Security department seeks a Cyber Threat Intelligence Analyst to conduct research and develop written analysis of technical cybersecurity vulnerabilities including evaluating prevalence, exploitability, and threat actor affiliations. The ideal candidates will have a combination of Intelligence Analysis experience, cyber experience, operations experience, and producing written risk assessments. This position offers a challenging opportunity to be exposed to a diverse set of security disciplines, including incident response, forensics, reverse engineering, malware analysis, intrusion detection, network security and system security.
Roles and Responsibilities:
Basic Qualifications:
Preferred Qualifications:
This requisition requires the candidate to have a minimum of the following clearance(s):
NoneThis requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):
SecretWork Location Type:
HybridMITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster and Pay Transparency.
MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please email
Copyright 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
Benefits information may be foundhere