** U.S. Citizens and GC Holders **
6-month contract to hire (will be converted immediately after 6-months)
Top Three Skills:
*Overall professional demeanor and prior education is a HUGE focus for this manager; feels like he has a lot of security "wannabes" on his team right now and is looking for elevated thought leaders. Certifications and degrees are not required, but he believes candidates should have either their CISSP or CEH and is used to working with technical resources that hold multiple degrees.
1. 3+ years of cyber intelligence and/or threat modeling and hunting
Cyber Intelligence --> Generally prior military/DOD experience; will be executive level at times (USAF, US Army Cyber Command is a good place to target)
Threat Modeling --> Looking inside systems, analytical ability, process vs. task orientation, indicators of attack, industry frameworks, incident response configs, remediation workflows for ES, documentation
Threat Hunting --> Scanning/monitoring tools (SIEM), endpoint management
2. 2+ years of experience with vulnerability management - includes pen and static testing; identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities
*Understanding of how dev. integrates with security; will be tasked with discussing findings with application owners who are not well-versed in InfoSec
3. Prior SOC experience - long-term Mark is looking to build out an internal SOC that all candidates on his team would be involved in, so the more knowledge here the better
4. Any experience within Splunk is a HUGE plus - he will be opening a dedicated Splunk role next (Splunk Enterprise Security, Splunk User Behavior Analytics, Splunk Machine Learning Toolkit, Splunk Cloud, etc.)
*UBA experience is basically a start; not common skill-set
• 3 years of Security Operations Center Threat Analysis experience
• OSCP, CEH, GPEN, ECIH, ECSA, CSTA or comparable certification
• Experience in Agile methodology
The Security Threat Analyst role will serve as a key contributing member of the Enterprise Threat Management team. The position responsibilities include work across the Threat Operations function inclusive of Threat Intelligence, Security Operations, and Vulnerability Management. Accountabilities may include, but not be limited to: network and application vulnerability scanning, penetration testing, security event monitoring, threat detection, threat modelling, threat hunting, and working with actionable intelligence to enact countermeasures.
• Responsible for design and implementation of security strategy, architecture and platforms.
• 6 or more years of work experience in IT Security
• Bachelor’s degree in an IT, Computer Science, Cyber Security, Engineering, or related field or equivalent work experience
• Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and/or threats
• Strong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances
• Demonstrated knowledge of information threat analysis and detection concepts and principles and impact, inclusive of statistical analysis, correlation, historical trending, and interpretation.
• Ability to prepare threat models (MS Threat Model Tool, STRIDE/DREAD Risk Models, etc.) focused on application and system designs and architectures.
• Experience working and managing vendor performance and service level agreements
• Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
• Strong technical knowledge of current systems, software, protocols and standards. (including TCP/IP and network administration/protocols).
• Demonstrated experience with and fundamental understanding of object-oriented design concepts and patterns, one or more modern software programming and/or scripting languages related to web and/or mobile development.
• Proven ability to understand, interpret, and explain risk identification and remediation methodologies including risk score rankings (CVSS and CVE) and applicability to risk prioritization. Includes providing remediation action guidance to key stakeholders. Demonstrated experience with gathering, correlating, and actioning threat intelligence obtained from internal and external (public) intelligence sources.
• Experience developing, documenting and maintaining security procedures.
• In-depth knowledge of operating systems and security applications
• Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
• Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
• Ability to manage tasks independently and take ownership of responsibilities
• Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
• Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks
• High critical thinking skills required to evaluate complex, multi-sourced security intelligence information, analyze and confirm root cause, and independently, or at times with the assistance of a Senior IT Threat Analyst or third-party vendor, identify mitigation alternatives and solutions that safeguard our technical environment.