Senior Cyber Incident and Threat Analyst

The Senior Cyber Incident and Threat Analyst will lead, manage, and provide expert-level cyber threat intelligence (CTI) and cybersecurity triage and analysis to support incident response and vulnerability management operations. This role demands a seasoned professional with a minimum of 10 years of experience in the field, capable of conducting high-quality cybersecurity incident triage and assessments.

What you will do as a Senior Cyber Incident and Threat Analyst:

• Perform cyber defense incident triage and recommend incident remediation strategies.
• Determine the scope, urgency, and impact of cyber defense incidents.
• Correlate threat assessment and incident data.
• Conduct comprehensive adversary research and analysis to determine technologies used by given adversaries.
• Identify and characterize intrusion activities against victims or targets, and profile targets and their activities.
• Develop cybersecurity indicators to maintain awareness of the dynamic operating environment.
• Identify near-term changes in adversary tactics, techniques, procedures, and technology.
• Report changes in patterns and trends within cybersecurity incidents in correlation with changing environmental factors.
• Provide descriptive and predictive analysis by fusing information from multiple reports.
• Demonstrate experience with Mitre ATT&CK and other analytic frameworks.
• Develop and document repeatable and effective processes for SOPs and WIs.
• Correlate incident data to identify patterns and trends within cybersecurity incidents.
• Generate requests for information and identify information essential to fill information gaps.

Qualifications:

• US Citizen (the nature of our contract requires employees be US citizens).
• Top Secret clearance required.
• At least 10 years of experience.
• Bachelor’s degree preferred. 
• Strong analytical and problem-solving skills with the ability to conduct in-depth triage and support research and analysis.
• Excellent communication skills, both written and verbal, for reporting and stakeholder engagement.
• Ability to work collaboratively in a team environment and manage multiple tasks simultaneously.
• Familiarity with emerging technologies and trends in cybersecurity.
• Strong understanding of network security principles and intrusion detection methodologies.
• Ability to identify and mitigate cybersecurity threats and vulnerabilities effectively.
• Relevant certifications such as Security+, CISM, CEH, or GIAC.
• Experience in the energy sector or other critical infrastructure industries.
• Proven ability to develop and document repeatable and effective processes for SOPs and WIs.
• Demonstrated expertise in identifying and mitigating cybersecurity threats and vulnerabilities.
• Ability to be on site in Arlington, VA.