Cyber Threat Analyst III (Falls Church, VA)
Company: Paladin Consulting
Location: Falls Church
Posted on: March 19, 2023
Job Description:
Paladin Consulting is currently hiring a Cyber Threat Analyst III
to join our team working onsite at our client's office located in
Falls Church, VA.
We work with companies that offer environments for our employees to
contribute, learn, and advance their career. We treat you like you
are part of the family.
Job Title: Cyber Threat Analyst III
Work Location: Falls Church, VA
Duration: Long-term contract
Job Description:
The Cybersecurity Operations Portfolio is in need of a Cyber Threat
Analyst supporting its Threat Intelligence (TIU) program. The
resource will be supporting TIU - Daily Operations. This resource
will be working with the OPS: Threat Intelligence (TIU) team.
Responsibilities:
- Implement a dynamic, advanced Risk-Based Alerting (RBA)
security framework within Splunk
- Create and test detections written in advanced Splunk
Programming Language (SPL)
- Perform analysis on hosts running on a variety of platforms and
operating systems, to include, but not limited to, Microsoft
Windows, UNIX, Linux, as well as embedded systems and
mainframes.
- Perform analysis of log files from a variety of sources (e.g.,
individual host logs, network traffic logs, firewall logs, and
intrusion detection system logs) to identify possible threats to
network security.
- Leverage tools including Splunk, Tanium, and the FireEye suite as
part of duties performing cyber incident response analysis.
- Act as an observer to Red Team penetration testing exercises
and collaborate with the Cybersecurity Operations Center (CSOC)
- Correlate event or incident data to identify specific
vulnerabilities and make recommendations that enable expeditious
remediation.
- Work with a diverse team of analysts in conducting incident
triage, incident handling, and remediation.
This position is expected to last through 01/00/1900.
Skills & Qualifications:
- Bachelor's OR Master's Degree in Computer Science, Information
Systems, or other related field.
- 5-7 years of experience with security operations and incident
response
- One or more of the following Certification(s): CISSP, CISA,
CISM, GIAC, RHCE.
- 5+ years experience with Splunk, MITRE ATT&CK Framework,
Endpoint Security Services
- Experience with host-level scripting, e.g., PowerShell.
- Experience in working with one or more Cloud Platforms
- Familiarity with cybersecurity operation center functions
- Linux Administration and monitoring
- Windows Administration and monitoring
- Experience with security frameworks and the ability to interpret
use cases into actionable monitoring solutions.
Strong working knowledge of:
- Security Information and Event Management (SIEM) systems.
- Network Intrusion Detection System/Intrusion Prevention Systems
(IDS/IPS).
- Host Intrusion Detection System/Intrusion Prevention Systems
(IDS/IPS).
- Network and Host malware detection and prevention.
- Network and Host forensic applications.
- Web/Email gateway security technologies.
- Sysmon.
- Log aggregation tools.
- Demonstrated ability to establish priorities, manage shifting
priorities, and handle numerous time-sensitive projects with
multiple deadlines
- Ability to accomplish goals working through formal and informal
channels, with diplomacy and tactfulness
- Demonstrated solid planning and organizational skills
- Demonstrated experience working independently and as part of a
team
Additional Provisions:
- Must be able to obtain a Position of Public Trust
Clearance
- Pass a client-mandated clearance process, to include drug
screening, criminal history check and credit check.
- Once candidate's resume is approved and interview passed, the
agency is responsible for providing drug screening. Failure to
submit the drug screening results will delay the security clearance
process.
- If a candidate is given an interim clearance, continuation of
employment is then based on the candidate receiving a sensitive
clearance.
- All candidates must be a US Citizen, or have permanent
residence status (Green Card).
- Candidate must have lived in the United States for the past 5
years.
- Cannot have more than 6 months travel outside the United States
within the last five years. Military Service excluded. (Exception
does not include military family members.)
- All overtime must be pre-approved in writing by the client
manager or his/her designated representative.
- Agency will not be reimbursed for overtime charges without
previous written authorization. Authorized overtime will be
reimbursed at straight time.
- The enforced dress code is business casual, i.e. collared shirt
with slacks for men, no skirts above the knee for women.
For more information or to view other opportunities, visit us at
www.paladininc.com.
Paladin is an EEOC employer.