Cyber Threat Intelligence Analyst

About The Position

Requirements

• Bachelor’s Degree in Computer Science/Computer Engineering, Information/Network Security, Cybersecurity, or related field with 5-7 years of related work experience; OR equivalent experience in lieu of degree.
• Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
• Coursework and previous experience directly related to Cyber Operations environment.
• Experience with Splunk, ServiceNow, Recorded Future, Anomali ThreatStream, and other cybersecurity tools as required.
• Ability to work in a team environment ability to taking initiative to understand and master new operating systems, security applications and open-source tools.
• Knowledge with Windows and Linux operating systems and common applications, working knowledge of and experience in detecting malicious code and methods of infection (ports, attachments, etc.).
• Knowledge of information systems security concepts and technologies; network architecture and tools; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and open-source alternatives.
• Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
• Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
• Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
• At least one certification from the CSSP Incident Responder Category (CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+ , GCFA, GCIH, SCYBER, PenTest+)
• Successful completion of a Fingerprint background investigation.
• Must be a U.S. Citizen

Responsibilities

• Conduct all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber actors.
• Utilize threat intelligence platforms and tools to mitigate potential threats to users, networks, and data.
• Respond to computer security incidents in compliance with Information Security Policies and Industry Best Practices.
• Coordinate the efforts of and provide timely updates to multiple sectors and business units during incident response.
• Provide security related recommendations to the team as threat events unfold.
• Provide information and assessments for the purposes of informing leadership and users/customers.
• Perform network security analysis in support of Intrusion Detection operations including the development and enrichment of indicators used to enhance the network security posture.
• Contribute to a team of information security professionals analyzing threat data, writing reports, briefing event details to leadership, and coordinating remediation activities across multiple State agencies.
• Ensures technical security improvements are effective and maintained within configuration management structures.
• Ensures technology employed by the Security Monitoring Team compliments operational processes.
• On occasion, provide extended shift coverage with minimal travel required.
• Monitor various information security related platforms and forums including Recorded Future, Anomali ThreatStream, SANS Internet Storm Center, Krebs on Security, and other forums and mailing lists to stay up to date on current network threats, attack methodologies and trends.
• Analyze the potential impact of new threats and exploits and communicate risks to relevant leadership and business units.
• Monitor the State of Maryland networks to find anomalous or malicious activity using various analytical methods and Security Event and Incident Monitoring (SEIM) tools in a fast-paced operational environment.

Benefits

• Virtual health visits, commuter perks, pet insurance, and entertainment discounts that make life easier.
• Annual performance reviews, tuition assistance, and internal career growth opportunities to help you thrive.
• Generous 401(k) matches, life and disability insurance, and financial wellness tools to support your future.
• Annual awards, service anniversaries, referral bonuses, and peer-to-peer shoutouts that spotlight your achievements.
• Healthcare coverage, wellness programs, flu shots, and biometric screenings to support your health.