hackajob
Senior Cyber Threat Intelligence Analyst
hackajob, Washington, District of Columbia, us, 20022
Overview
ManTech seeks a motivated, career- and customer-oriented
Senior Cyber Threat Intelligence Analyst
to join our team in the
DC, Maryland, and Virginia (DMV) area . Hackajob is collaborating with
MANTECH
to connect them with exceptional tech professionals for this role. Responsibilities
Support the design, development, implementation, and improvement of the enterprise Cybersecurity Threat Intelligence (CTI) program. Monitor open source intelligence feeds, sources, websites, etc., to identify emerging and zero-day threats and potential risks to enterprise security; compile and synthesize reports; analyze threat vectors and methods of attack via MITRE ATT&CK and the cyber kill chain. Compose emails and strategic communications to inform subscribers and stakeholders of emerging risks. Collaborate with other internal and external POCs and teams to improve the security posture of the DHS enterprise. Collaborate with incident response teams to investigate, analyze, and remediate identified threats; stay current with the latest cyber threat intelligence, trends, and technologies. Identify and assess the capabilities and activities of cyber criminals or foreign intelligence entities; design and administer procedures that sustain the security of the organization’s data and access to its technology and communications systems. Proactively search for and identify cyber threats, including advanced persistent threats (APTs), that could compromise DHS networks and systems. Analyze network traffic, system logs, and other data sources to detect anomalies and indicators of compromise (IOCs). Develop and provide threat intelligence reports, advise and use methodologies, techniques, and tools to improve detection capabilities. Create and refine threat detection use cases and correlation rules within SIEM and other security tools. Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. 8+ years of experience in cybersecurity with a focus on SIEM engineering and operations. Proficiency with threat hunting tools and platforms (e.g., Splunk, ELK Stack, CrowdStrike, Carbon Black). Strong understanding of network protocols, system logs, and security event correlation. Experience in analyzing malware, attack vectors, and threat actor TTPs. 8570 compliant certifications; relevant certifications such as CISSP, GCIH, GCFA, GCIA, or similar are highly desirable. Relevant certifications such as CISSP, CISM, CEH, or SIEM-specific certifications (e.g., Splunk Certified Power User) are highly desirable. Preferred Qualifications
Previous Network Operations Center (NOC) or IT Operations experience. Familiarity with DHS policies and procedures. Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001). Understanding of ITIL4 principles. Master’s Degree. Clearance Requirements
Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI. The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position. Physical Requirements
Must be able to remain in a stationary position 50% of the time. Constantly operates a computer and other office productivity machinery. Occasionally move about inside the office to access file cabinets, office machinery, etc. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Software Development
#J-18808-Ljbffr
ManTech seeks a motivated, career- and customer-oriented
Senior Cyber Threat Intelligence Analyst
to join our team in the
DC, Maryland, and Virginia (DMV) area . Hackajob is collaborating with
MANTECH
to connect them with exceptional tech professionals for this role. Responsibilities
Support the design, development, implementation, and improvement of the enterprise Cybersecurity Threat Intelligence (CTI) program. Monitor open source intelligence feeds, sources, websites, etc., to identify emerging and zero-day threats and potential risks to enterprise security; compile and synthesize reports; analyze threat vectors and methods of attack via MITRE ATT&CK and the cyber kill chain. Compose emails and strategic communications to inform subscribers and stakeholders of emerging risks. Collaborate with other internal and external POCs and teams to improve the security posture of the DHS enterprise. Collaborate with incident response teams to investigate, analyze, and remediate identified threats; stay current with the latest cyber threat intelligence, trends, and technologies. Identify and assess the capabilities and activities of cyber criminals or foreign intelligence entities; design and administer procedures that sustain the security of the organization’s data and access to its technology and communications systems. Proactively search for and identify cyber threats, including advanced persistent threats (APTs), that could compromise DHS networks and systems. Analyze network traffic, system logs, and other data sources to detect anomalies and indicators of compromise (IOCs). Develop and provide threat intelligence reports, advise and use methodologies, techniques, and tools to improve detection capabilities. Create and refine threat detection use cases and correlation rules within SIEM and other security tools. Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. 8+ years of experience in cybersecurity with a focus on SIEM engineering and operations. Proficiency with threat hunting tools and platforms (e.g., Splunk, ELK Stack, CrowdStrike, Carbon Black). Strong understanding of network protocols, system logs, and security event correlation. Experience in analyzing malware, attack vectors, and threat actor TTPs. 8570 compliant certifications; relevant certifications such as CISSP, GCIH, GCFA, GCIA, or similar are highly desirable. Relevant certifications such as CISSP, CISM, CEH, or SIEM-specific certifications (e.g., Splunk Certified Power User) are highly desirable. Preferred Qualifications
Previous Network Operations Center (NOC) or IT Operations experience. Familiarity with DHS policies and procedures. Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001). Understanding of ITIL4 principles. Master’s Degree. Clearance Requirements
Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI. The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position. Physical Requirements
Must be able to remain in a stationary position 50% of the time. Constantly operates a computer and other office productivity machinery. Occasionally move about inside the office to access file cabinets, office machinery, etc. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Software Development
#J-18808-Ljbffr