Cyber Security Analyst
Company: LookingGlass Cyber Solutions
Posted on: October 8, 2018
LOOKINGGLASS CYBER SOLUTIONS is looking for a motivated analyst to join our team. In support of our client's mission, the Cyber Security Analyst will be responsible for providing decision makers actionable intelligence to reduce the risk to the client's information technology infrastructure and data assets. In concert with the organization's security stakeholders, the analyst will pioneer efforts to design, implement and manage the client's Cyber Security program.

OVERVIEW OF POSITION:

The Analyst will be expected to conduct threat assessments, vulnerability assessments, statistical analysis and provide warnings, alerts, and bulletins to the client. Additionally, the analyst will work in collaboration with other security professionals to identify threats and vulnerabilities to Information Technology (IT) systems and develop intelligence products to inform client stakeholders. The analyst should have a broad understanding and knowledge of information technology areas such as networking, systems programming, applications development, disaster recovery, email investigations and/or web operations. By providing awareness of Advanced Persistent Threats (APT) actors, Techniques, Tactics and Procedures (TTP), indicators of compromise (IOC), cyber security warnings, and operational readiness, the Cyber Security Analyst protects the interests of the organization, supports the security of technology infrastructure and helps build trust with the goal of improving cyber information sharing.

In order to achieve the above results, this position will be responsible for the following:

- Perform cyber threat analysis, alerting, and reporting based on intelligence and information gathered from both internal and external sources.
- Collect information from open source threat feeds as well as both public and private sources to conduct research and analysis to develop products that will be disseminated to the client, to include Information Intelligence Reports (IIRs), ad-hoc Investigations and Intelligence Assessments.
- Initiate trend analysis based on available data collected to identify anomalies.
- Maintain intelligence files on adversaries and their tactics.
- Apply expertise in both host and network analysis to ascertain the impact of a potential cyber-attack on the client and develop threat trends and mitigation techniques and countermeasures that can prevent future attacks.
- Aid internal teams in developing and implementing advanced threat actor hunt methodologies and detection mechanisms.
- Coordinate analytic and investigative efforts amongst technical and intelligence teams during critical cyber events, incidents or crises.
- Support and report on the continuous evolution of cybersecurity policy trends and issues, including review of new requirements or concerns.

QUALIFYING REQUIREMENTS:

- Preferred Bachelor's degree or equivalent work experience of 2 years in IT Network Security or Information Security.
- Preferred industry standard cyber security certifications such as CCNA, Security, Network or Certified Ethical Hacker (CEH) Certification.
- Preferred prior experience working in a cyber-threat analysis related function. Equivalent cyber competition experience may be accepted in lieu of years of cyber threat analysis experience.
- Preferred working as a self-starter and being self-motivated.
- Preferred ability to work collaboratively and at times independently with private, public and academic sector threat intelligence teams.
- Preferred strong cyber security analytical and situational awareness skills.
- Preferred exceptional written and verbal communication and presentation skills.
- Preferred surface level understanding of security event monitoring concepts and escalation processes.
- Preferred experience using network forensic tools and analysis techniques with ability to potentially identify malicious traffic and infection vectors.
- Preferred experience or knowledge analyzing Netflow, DNS, Proxy and web access logs.
- Preferred experience or basic knowledge of network exfiltration techniques (Command & Control).
- Preferred experience in packet capture analysis using TCPdump or Wireshark.

DESIRED QUALIFICATIONS:

- Be able to demonstrate a surface level understanding of security event and incident monitoring concepts, mitigation steps and escalation processes.
- Be able to demonstrate a methodical, data-driven approach to security threat intelligence analysis using the kill chain.
- Be able to think creatively to recommend progressive security improvements.
- Be able to stay ahead of the latest trends in cyber-criminal behavior, detection, mitigation procedures and incident response techniques.
- Be able to review information to determine its significance, validate its accuracy and assess its reliability to technical and non-technical audiences.
- Be able to research and provide knowledge of APTs and TTPs, malware and cyber-attacks to them.
- The ideal candidate may have extensive knowledge of a variety of cyber security domains and topics including cyber-crime techniques, tactics and procedures, computer forensics, hacktivism, Distributed Denial of Service attacks, Malware analysis, Host/Network-based intrusion detection, Network monitoring, IDS/IPS, Firewalls, Proxy servers, load balancers, Symmetric and Public Key Encryption.
- The ideal candidate may be able to speak to and provide technical analysis of various data log types from multiple operating systems, and origins such as Proxy, AD, Registry, and DLP.
- The ideal candidate may have knowledge of scripting and/or programming languages including Python, PHP, Perl, Bash, C, or others.
- The ideal candidate may have experience developing tools to assist in analyzing various forms of cyber threat data.

Duties and Responsibilities Associated with LookingGlass Platform:

- Daily review, exploitation and analysis of reports based on ScoutVision and ScoutPrime Threat Intelligence Platforms' structured content, using the LookingGlass platform and tools as well as third-party and/or customer provided data and tools where appropriate.
- ScoutPrime, ScoutVision and LookingGlass proprietary ThreatPool research and analysis of relevant networks.
- Review, analysis, and delivery of relevant findings from structured threat feeds and platforms (ScoutVision, ScoutPrime).
- Research and analysis of relevant incidents, postings, threat actors and cyber events.
- Compilation of metrics, graphs and data, and preparation of departmental and management presentations.
- Analysis of artifacts from available online/cyber activity including but not limited to domains, IP addresses, URLs, usernames, NICs and other electronic IDs.
- Analysis of economic, geopolitical and other "real world" events that may directly impact the client.

Additional analyst job duties may also include:

- Daily review, exploitation and analysis of open source intelligence reports based on the fully licensed Cyber Threat Center's Platform.
- Open source/online research and analysis of collected incidents, postings, threat actors and events.
- Collection, review, analysis and delivery of relevant findings from the dark web.

EOE/AA/M/F/Veteran/Disability Employer
Keywords: LookingGlass Cyber Solutions, Reston, Cyber Security Analyst, Professions, Reston, Virginia