- Washington, District of Columbia, United States
XOR Security is currently seeking talented Cyber Threat Analyst's (Tier 3) professionals for multiple exciting positions supporting one of our premier clients within the Department of Homeland Security. Our project provides comprehensive operational cybersecurity situational awareness and response readiness by performing 24x7 cybersecurity monitoring and advanced analytics for the Next Generation Enterprise Security Operations Center (ESOC).
The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP's, Threat Actors, Campaigns, and Observables. Additionally the ideal candidate would be familiar with intrusion detection systems, netflow analysis, security information event management platforms, and cyber ticketing management.
This effort will require a skilled cyber analyst to triage cyber events, identify high-risk items for deeper analysis, and conduct in-depth reviews of network traffic.
- Bachelor's Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering.
- Minimum five (3) years of experience in network defense environments.
- Strong analytical and technical skills in computer network defense operations - Incident Handling (Detection, Analysis, Triage), Hunting (Attribution, Targeting) and Malware Analysis
- Strong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.
- Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts
- Strong logical/critical thinking abilities, especially analyzing network traffic and IDS events for malicious intent.
- Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
- Strong proficiency Report writing - a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting
- Continually develop, maintain, and optimize all program documentation related to Security Engineering based upon innovation, industry techniques, policies, laws and regulations
- Support SOC Operations and the tools that are used by the various subordinate SOCs
- Secret Clearance
- Certifications (8570 ->8140): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
- Technical Skills proficiency: Python language, encryption technologies/standards
- Intermediate malware analysis or digital computer forensics experience
- Any type of Cyber related Law Enforcement or Counterintelligence experience
- Existing Subject Matter Expert of Advanced Persistent Threat or Emerging Threats
- Expertise on policies, industry trends, techniques related to penetration testing
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP REQUIRED.