Senior Threat Research Analyst

Dunhill Professional Search Washington, DC

Dunhill Solutions is proud to be partnered with a cyber security focused organization that supports both the government and commercial industries. They have consistently been voted one of the top places to work in Virginia, foster a collaborative environment, and promote personal and professional growth for their employees.

Their four service lines, Cyber Defense, Cyber Offense, Information Security, and Security Engineering & Architecture, provide extensive opportunity for learning and expansion of your skill set.

This position requires previous experience in related IT security fields, including supporting or working in a 24x7x365 Security Operations Center (SOC). This role will be a standard M-F first shift position.

Job Responsibilities:

  • Incident response, event and system log analysis, forensic and malware analysis, and prioritization of and differentiation between potential intrusion attempts and false alarms
  • Create and track investigations to resolution. Compose security alert notifications
  • Advise incident responders in the steps to take to investigate and resolve computer security incidents
  • Stay up to date with current vulnerabilities, attacks, and countermeasures
  • Assume responsibility and work autonomously in a professional manner
  • Assume management responsibilities if required

Job Qualifications:

  • This position requires US Citizenship due to our Federal contractual obligation
  • Bachelor's degree
  • 6 years of related work experience, including prior experience working as a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or Security Operations Center (SOC) analyst
  • The following certifications are strongly desired: GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or other GIAC certifications.
  • Candidate must possess excellent written communication skills and the proven ability to present complex, technical information to both technical and non-technical audiences
  • Previous experience working in a large government or corporate enterprise environment is a requirement
  • Proficiency in analyzing event and systems logs, performing forensic analysis, analyzing malware, and other incident response related data
  • Experience with Splunk Enterprise or Splunk Enterprise Security
  • Thorough understanding of incident response best practices and processes
  • Understanding of attack vectors, threat tactics and attacker techniques
  • Thorough understanding of network protocols
  • Expertise in identifying and creating host and network-based indicators
  • Strong problem solving, troubleshooting and analysis skills
  • Experience with a FireEye Network and Email deployment

intrusion detection, incident response, splunk, fireeye