- Washington, District of Columbia, United States
XOR Security is currently seeking talented Cyber Threat Analysts (Tier 2 Shift Lead) for multiple exciting positions supporting one of our premier clients. Our project is aimed at establishing cutting edge techniques for identifying threats and detecting malicious activity using advanced toolsets.
The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP's, Threat Actors, Campaigns, and Observables. The candidate must be familiar with intrusion detection systems, netflow analysis, security information event management platforms, and cyber ticketing management.
This effort will require a skilled cyber analyst to coordinate analysis and response between network, digital media analysis, and malware teams. The candidate must have a strong understanding of network attack patterns, Tactics Techniques and Procedures used by our nation's adversaries, and excellent communication skills. The candidate should have experience providing leadership to a team and functioning as a technical escalation point.
Washington D.C., USA
Front end or Back end days
- Experience with various network defense toolsets (e.g., Splunk, Snort/SourceFire, NetWitness, ArcSight, Netflow / SiLK, Remedy).
- Strong understanding of proxy analysis. Must be able to read proxy logs.
- Strong logical/critical thinking abilities, especially analyzing network traffic and IDS events for malicious intent.
- Proficiency in cyber threat exploitation patterns, from discovery through establishing a persistent presence.
- Excellent leadership, communication, and coordination skills. Must be able to lead a team and provide technical guidance for Tier 1 analysts.
- Strong experience in cyber defense.
- Experience working in a Security Operations Center (SOC) or Network Operations Center (NOC) environment.
- Five (5) years of experience in network defense environments.
- Understanding of command line scripting and implementation. (e.g., Python, Powershell)
- Ability to write new content/searches/scripts. (e.g., Splunk dashboards, Splunk ES alerts, SNORT signatures, Python scripts, Powershell scripts.)
- Familiarity with Splunk Enterprise Security.
- Strong understanding of networking. (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
- Ability to perform netflow / packet capture (PCAP) analysis.
- Experience with cyber threat hunting.
- Bachelor’s Degree in Computer Science, Computer Engineering, or STEM majors.
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and SECRET CLEARANCE REQUIRED.