Senior Threat Research Analyst
Dunhill Solutions is proud to be partnered with a cyber security focused organization that supports both the government and commercial industries. They have consistently been voted one of the top places to work in Virginia, foster a collaborative environment, and promote personal and professional growth for their employees.
Their four service lines, Cyber Defense, Cyber Offense, Information Security, and Security Engineering & Architecture, provide extensive opportunity for learning and for expanding your skill set.
This position requires previous experience in related IT security fields, including supporting or working in a 24x7x365 Security Operations Center (SOC). This role will be a standard M-F first shift position.
- Incident response, event and system log analysis, forensic and malware analysis, and prioritization of and differentiation between potential intrusion attempts and false alarms
- Create and track investigations to resolution; compose security alert notifications
- Advise incident responders in the steps to take to investigate and resolve computer security incidents
- Stay up to date with current vulnerabilities, attacks, and countermeasures
- Assume responsibility and work autonomously in a professional manner
- Assume management responsibilities if required
- This position requires US Citizenship due to our Federal contractual obligation
- Bachelor's degree
- 6 years related work experience, including prior experience working as a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) analyst
- The following certifications are strongly desired: GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or other GIAC certifications.
- Candidate must possess excellent written communication skills and the proven ability to present complex, technical information to both technical and non-technical audiences
- Previous experience working in a large government or corporate enterprise environment is a requirement
- Proficiency in analyzing event and systems logs, performing forensic analysis, analyzing malware, and other incident response related data
- Experience with Splunk Enterprise or Splunk Enterprise Security
- Thorough understanding of incident response best practices and processes
- Understanding of attack vectors, threat tactics and attacker techniques
- Thorough understanding of network protocols
- Expertise in identifying and creating host and network-based indicators
- Strong problem solving, troubleshooting and analysis skills
- Experience with a FireEye Network and Email deployment
intrusion detection, incident response, splunk, fireeye