Cyber Threat Analyst

Description

Job Description Requires extensive knowledge of computer operating systems, networks, log analysis and security tools. Applies engineering principles to cybersecurity challenges. Necessary skill areas: fundamentals of computer science, information analysis, testing software, log analysis, event correlation, anomaly detection, and behavioral analysis. Defining cybersecurity controls for different systems and networks. Creates novel cyber security technology components to ensure that critical systems/information are resilient to cyber exploits and attacks. Performs attendant vulnerability assessments, analysis, and software engineering and design. Ensures cybersecurity needs established and maintained for operations, security requirements definition, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices (IDS/IPS, Firewalls, perimeter routing) and vulnerability scanning, incident response, disaster recovery, and operations continuity planning and provides analytical support for security policy development and analysis. Engineers, implements, and maintains Information Technology Infrastructure and associated cybersecurity controls. Areas of responsibility include but are not limited to information security operations, cyber risk & intelligence, data loss & fraud protection, regulatory compliance, policy management and audits & assessment. Key Responsibilities Helps with the validation security control configuration on systems, ensure all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements. Performs day to day analysis of security threats. Performs day to day remediation of security incidents. Provide leadership to lower-level cybersecurity and IT professionals across the enterprise.

Skills

Soc, Threat hunting, Splunk, Crowd Strike, Code-42, Incident response, Analysis

Top Skills Details

Soc,Threat hunting,Splunk,Crowd Strike,Code-42

Additional Skills & Qualifications

Additional Responsibilities Assuring implementation of technical solutions supportive of institution information and Cybersecurity systems while identifying potential threatening behaviors through analysis of user compliance. Supporting information security operations, Cyber risk & intelligence, data loss and fraud protection, regulatory compliance, policy management and audits and assessment. Able to perform root cause analysis to identify and incorporate opportunities for continuous process improvement and future risk mitigation efforts, will be able to comprehend functionality of multiple technical tools and develop understanding of collection techniques and methodologies, recommend and develop requirements, specifications, design and procedures to satisfy security policy and planning and understand and author analytical reports identifying technical and behavioral analysis identified through independent reviews using multiple technology solutions. Ensures Cybersecurity needs are established and maintained for operations, security requirements, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices and vulnerability scanning, incident response, disaster recover, and operations continuity planning. Able to provide analytical support for security policy development and analysis identifying countermeasures associated with responsibilities. Engineer, implement, and maintain information technology solutions and associated Cybersecurity controls directly supporting the Insider Threat Program. Directly support the Insider Threat Program and focus on operational collection methods while performing studies through analysis and provide decision support for potential program enhancements in direct support of guidance derived from contractual requirements outlined in 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM)

Experience Level

Expert Level