Jun 27, 2019

Cyber Threat Analyst

  • Apex Systems
  • Washington, DC, USA
  • Full time
  • Cyber Security

Job Description

Job #:  948916
Shift: Monday - Friday, 8 to 5PM 

Required:

  • Certification in one of the following (Security+, Network+, VA CSP, CISSP, C|EH)
  • Minimum of a Bachelor's degree
  • Obtain a VA public trust


Roles and Responsibilities:

  • Senior Cyber Security Specialist well-versed in security operations, cyber security tools, and Open Source information gathering from public and private sources.
  • Provide operational support on expert-level analysis regarding Advanced Persistent Threats (APTs), Indicators of Compromise (IOCs), and intelligence gathering, and share this information with other formalized partners.
  • Gather, extract, and disseminate open source intelligence (OSINT) on threat actors targeting the VA, the health care industry, government agencies in general, and the public sector
  • Work with industry partners to gather and share intelligence. Apply intelligence to the VA network and systems to proactively identify potential cyber threats
  • Provide proactive event monitoring/event management/configuration of the following security tools for targeted threats and malicious activity including but not limited to: Splunk, Palo Alto Networks, McAfee EPO, Cisco Ironport, Netscout, Sourcefire Defense Center and Bigfix
  • Determine if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation
  • Review audit logs and identify any unusual or suspect behavior
  • Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
  • Develop and execute custom scripts to identify host-based indicators of compromise
  • Provide advanced technical capabilities to senior leadership, including Big Data Analytics and Predictive Intelligence
  • Provide proactive APT hunting, incident response support, and advanced analytic capabilities
  • Profile and track APT actors that pose a threat to the organization in coordination with threat intelligence support teams
  • Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH)
  • Provide all VA cyber task areas with actionable intelligence and serve as the threat dissemination hub