Cyber Threat Intelligence Lead
Cyber Threat Intelligence Lead
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Responsibilities & Qualifications
ACTIVITIES & RESPONSIBILITIES
Support includes monitoring activities developing cyber threat analysis identifying mitigation and / or remediation courses of action sharing actionable cyber threat intelligence used in organizational IT asset protection trending strategic cyber threats and situational awareness. Assist with identifying valid Indicators of Compromise (IOCs) and implementing appropriate monitoring alerting or blocking. Compile cyber threat data gathered including but not limited to present and emerging adversarial tactics techniques and procedures through independent research and analysis of identified activity combined with current SOC operations. Analyze unclassified and classified sources of information and cyber threat intelligence on foreign and / or domestic cyber threats including recommended mitigation and / or remediation actions. Assist with conducting link analysis of technical data using software tools to identify trends in attacks targeting and timing of suspicious / malicious activity. Tracking and reporting current trends on cybersecurity events and incidents including (but not limited to) phishing malware and scanning / probing activity. Prioritizing cyber threat actor tactics techniques and procedures (TTPs) based on recent and relevant threat intelligence reporting. Proactively utilize cybersecurity capabilities to search through information systems to detect and work with the SOC to isolate advanced threats that may evade existing security solutions.
SKILLS
- Possess a strong cyber security background with experience in host-based and network based forensics related to the identification of advanced cyber threat activities intrusion detection incident response malware analysis and security content development (e.g. signatures rules etc.); and cyber threat intelligence.
- Experience in developing scripts to support cyber threat detection that outputs results in a variety of formats such as VB scripts Python C and HTML XML or other type most appropriate for the task.
- Experience in conducting cyber threat analysis identifying mitigation and / or remediation courses of action; developing actionable intelligence used to protect organizational IT assets; and trending cyber threat metrics for leadership situational awareness.
- Experience in maintaining a comprehensive understanding of the cyber threat landscape including identifying and analyzing cyber threats actors and / or activities to enhance cybersecurity posture of the organizations IT operating environment.
- Experience with cloud- based security technologies architecture and computing and searching monitoring and analyzing machine-generated big data is preferred.
- Providing threat intelligence research and artifacts on IOCs personas and Advanced Persistent Threat (APT) attribution.
- Perform cyber and technical threat analyses of hostile nation state actors cybercriminals terrorist organizations and other malicious actors that could harm information systems and / or networks and report on any suspected or verified findings.
- Producing situational incident-related reports on cyber threats
- Assist with advanced intrusion detection capability by providing the adversarial tactics techniques and procedures along with IOCs and recommended detection rules.
- Recommend countermeasures to malware and other malicious activity that could exploit information systems and / or networks.
- Develop of cybersecurity content such as rules signatures and other methods to detect cyber threat activity.
- Conduct research and provide threat analysis assessments on third-party partners vendors and products.
REQUIRED QUALIFICATIONS
- Clearance requirement: Top Secret (SCI eligible)
- Experience: Minimum of seven (7) years of experience as a Tier III senior cyber security analyst performing intelligence analysis collection management and technical analysis.
- Education: Bachelors of Science in computer engineering computer science IT or cyber security preferred (or 5 years of relevant work experience in lieu of a degree)
PREFERRED QUALIFICATIONS & COMPETENCIES
- Certifications: Certified Ethical Hacker (CEH) preferred
Overview
We are seeking an experienced Cyber Threat Intelligence Lead in support of a government customer to join our team to provide Security Operations Support (SOC) Services to a government agency whose mission is to protect our Nations borders from terrorist attacks to provide law enforcement for over forty (40) Federal agencies and to protect the revenue of the United States while facilitating trade. The SOC is a single point of management and reporting for information security incidents. The SOC exists to prevent identify contain and eradicate cyber threats to networks through monitoring intrusion detection and protective security services to information systems including local area networks / wide area networks (LAN / WAN) commercial Internet connection public facing websites wireless mobile / cellular cloud security devices servers and workstations. The SOC is responsible for the overall security of Enterprise-wide information systems and collects investigates and reports any suspected and confirmed security violations.
TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. Technology moving at the speed of thought embodies these principles the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.
We offer our full-time employees a competitive benefits package to include health dental vision 401K life insurance short-term and long-term disability plans vacation time and holidays.
Visit us at .
Apply now to explore jobs with us!
The safety and health of our employees is of the utmost importance. Employees are required to comply with any contractually mandated Federal COVID-19 requirements. More information can be found here.
Additional Job Information
WORK ENVIRONMENT AND PHYSICAL DEMANDS
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
- Location: Ashburn Virginia
- Remote or In-Person: 100% On site. Remote/Telework not available.
- Type of environment: Office
- Noise level: Medium
- Work schedule: Schedule is day shift Monday Friday.
- Amount of Travel: Some travel may be required
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
WORK AUTHORIZATION/SECURITY CLEARANCE
Top Secret (SCI eligible)
OTHER INFORMATION
Please note this job description is not designed to cover or contain a comprehensive listing of activities duties or responsibilities that are required of the employee for this job. Duties responsibilities and activities may change at any time with or without notice.
TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal state and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment.
EQUAL EMPLOYMENT OPPORTUNITY
In order to provide equal employment and advancement opportunities to all individuals employment decisions will be based on merit qualifications and abilities. TekSynap does not discriminate against any person because of race color creed religion sex national origin disability age genetic information or any other characteristic protected by law (referred to as protected status). This nondiscrimination policy extends to all terms conditions and privileges of employment as well as the use of all company facilities participation in all company-sponsored activities and all employment actions such as promotions compensation benefits and termination of employment.
Employment Type
Full-Time
