Cyber Threat Analyst, Mid

Key Role:

Identify malicious threat actors, thwart hackers, and prevent data breaches as a security advocate for clients on a 24x7x365 threat intelligence center (TIC) team. Perform highly detail-oriented work that involves conducting security threat analysis and working with clients to provide remediation strategies and guidance. Validate and characterize threats and collaborate with others, as needed, and perform daily incident detection and response operations, collect host-based artifacts, and perform forensic analysis to determine if the asset has been compromised. Identify compromised computers using logs, live response, and computer centric evidence sources and form accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, log-centric analysis, and security information and event management (SIEM), as needed. Provide input on new detection strategies and remediation guidance to clients, analyze and assess security incidents, and escalate to client resources, appropriate teammates, and internal teams for additional assistance. Present analysis to other analysts for review, fine tuning, and feedback, work with the threat intelligence team to fine tune signatures and assist the incident response team with the incident response process. This position requires the ability to travel up to 50% of the time.

Basic Qualifications:
-3+ years of experience with IT
-Ability to clearly and concisely document findings to report and escalate Cyber incidents to customers and management
-Ability to take ownership of analytic work and provide constructive feedback to others
-Ability to work independently and in a team environment
-Ability to work a Panama schedule day shift from 6 am – 6 pm for a 24x7x365 environment
-Ability to travel up to 50% of the time
-HS diploma or GED

Additional Qualifications:

-Experience with network-centric analysis (NSM) and reviewing PCAP and TCP streams

-Experience in deploying and scripting detection solutions with Bro-IDS

-Experience with host-based detection and prevention suites, including McAfee EPI, OSSEC, Yara, MIR, CarbonBlack, or Tanium

-Experience with IT infrastructure, including system or application vulnerabilities and exploitation and operating systems, including Windows, *Nix, and Mac

-Knowledge of Splunk and other SIEM technologies

-Knowledge of scripting or programming, including Python, Perl, or C

-Knowledge of advanced persistent threats (APT) and Cyber crime

-Possession of excellent analytical, critical thinking, and problem solving skills

-Possession of excellent oral and written communication skills

-Possession of excellent critical thinking or problem-solving skills

-BA or BS degree or 2 years of experience in a professional work environment

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Not ready to apply? Join our talent community and sign up for job alerts.