- Springfield, Virginia, United States
XOR Security is currently seeking a talented Intermediate-level Security Analyst to support an Intelligence customer focused on securing our national interests and protecting our nation's sensitive equities.
We are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communication skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be familiar with intrusion detection systems, intrusion analysis, security information and event management (SIEM) platforms, and cyber ticketing management.
- Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering
- Minimum 3-5 years of experience in network defense environments
- Strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (Attribution, Targeting) and Malware Analysis
- Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts
- Strong logical/critical thinking abilities, especially in analyzing network traffic and IDS events for malicious intent
- Ability to work on-call for escalated cyber security incidents
- Supports monitoring, response, and vulnerability assessment analysis or vulnerability assessment policy creation
- Takes on a primary role to support event analysis and incident response activities
- Analyzes all high and medium confidence events to confirm as incidents or false-positives
- Conducts incident response coordination for confirmed incidents
- Conducts malware analysis for malware incidents
- Supports Senior analysts in conducting cyber hunt activities by analyzing threat intelligence and creating content for the SIEM and other monitoring devices
- Supports Senior analysts in creating monitoring content or modifying vendor content within the SIEM and other monitoring devices
- Active Top Secret with SCI eligibility
- Certifications: CEH, GCIH, GCFA, GCFE, GCIA or other similar GIAC certifications, Security+, ENCE
- Hands-on experience responding to Advanced Persistent Threats or Emerging Threats
- Expertise in policies, industry trends, and techniques related to penetration testing
- Ability to read and interpret PCAP data
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements – US CITIZENSHIP REQUIRED.