Description
Cyber Threat Analyst
Location: Arlington, VA
Must have Top Secret Security Clearance
Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. Node is seeking a Cyber Threat Analyst to support this critical customer mission.
Responsibilities:
- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
- Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation-state threat actors to identify and validate threats
- Applying cybersecurity concepts to the detection and defense of intrusions into small and large-scale IT networks, and conducting cursory analysis of log data
- Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident
- Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts
- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
- Working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents
- Providing support during assigned shifts (M-F Day shift 0830-1730)
Requirements
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- 2+ years of directly relevant experience in cyber incident management or cybersecurity operations
- Knowledge of incident response and handling methodologies
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second-generation [non-nation-state sponsored], and third-generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
- Must be able to work collaboratively across physical locations
Desired Skills:
- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second-generation [non-nation-state sponsored], and third-generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
Required Education:
BS in Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 4-6 years of incident management or cyber security experience.
Company Overview:
Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
- Identifying the RIGHT PEOPLE and developing them to their full capabilities
- Our customer’s “Mission” is our “Mission”. Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner
- We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence
- Our mantra is “Simple*Secure*Speed” in the delivery of innovative services and solutions
Benefits
We are proud to offer competitive compensation and benefits packages to include:
- Medical
- Dental
- Vision
- Basic Life
- Long-Term Disability
- Health Savings Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training