Job Description
Alȳn Inc. partners with Fortune 50 and top government agencies to help develop or realign their Cybersecurity Operations programs with NextGen initiatives by evaluating organizational structure, roles and responsibilities, and business objectives. We place experts in the organization to help guide the realignment of the program or fill skills gaps for better efficiency and effectiveness.
Whether it be threat intelligence, threat hunting, big data analytics, red teaming, or digital forensics, Alȳn Inc. has been a trusted partner for over a decade.
Why join Alȳn:
Upward growth opportunities
Medical, dental, and vision insurance
Paid time off
401K with company match
Voluntary life insurance
Voluntary short- and long-term disability insurance
Excellent support team
Alȳn Inc. is seeking an experienced candidate to serve as a Cyber Threat Analyst. The successful candidate is well-versed in numerous security technologies, understands the motivations and capabilities of advanced threat actors, and can communicate the risks and recommendations associated with specific network threats. The Cyber Threat Analyst will conduct threat intelligence research and development and hunt operations for threat indicators discovered in intelligence or within security incidents shared by partner analysts.
Responsibilities:
Review and analyze security data within the SIEM and network traffic such as full packet captures and/or NetFlow data in order to detect traffic anomalies and identify infected systems and threat-actor-related activity based on known tactics, techniques, and procedures.
Monitor various security blogs, alerts and notifications, RSS feeds and forums in order to keep abreast of the latest security news, attacks, threats, vulnerabilities and exploits.
Create detection content and indicator feeds to identify malicious traffic based on known or newly discovered indicators of compromise.
Create automated log correlations in Splunk, ELK, or a similar tool to identify anomalous and potentially malicious behavior.
Act in concert with Cyber Threat Intelligence to understand threats and to determine what risk these threats present to the client.
Incorporate CTI findings into threat hunting activities and workflow.
Contribute to incident response teams, maintaining relevant communication in emails, ticket summaries, analysis, and reporting. Work with Incident Handlers to provide recommendations for the remediation of compromised systems and any relevant countermeasures.
Contribute to the development of advanced threat actor profiles unique to clients and based upon analysis of acquired malware samples.
Review, create or document standard operating procedures, recommendations, project specific documents and resource guides as needed.
Conduct basic static and dynamic malware analysis.
Education:
BA/BS or equivalent
CISSP, GSEC, GCIA, or GNFA
Required Qualifications:
5+ years of strong network security, threat hunting, and threat intelligence experience
Active Secret Clearance and eligibility to obtain a Top Secret security clearance
Must be a US Citizen
Understanding of a variety of security tools and data sources, including firewall logs, intrusion detection systems, Windows event logs, security event management, packet capture, SIEM, and EDR
Ability to create custom correlation rules to detect known or suspected malware traffic patterns within security tools
Packet-level knowledge of TCP/IP protocols and network applications and an understanding of TCP/IP routing behaviors
Solid knowledge of industry standard incident response procedures
Experience with the MITRE ATT&CK framework and documenting attacker TTPs
Strong analytical and critical thinking skills
Excellent writing and communication skills