Cyber Threat Analyst Sr. Advisor (Secret Clearance Required)

Clearance Level
Secret
Category
Cyber Security Technical Analysis
Location
Not Applicable, Virginia

REQ#: RQ59197

Travel Required: Less than 10%
Public Trust: None
Requisition Type: Regular

The Technical Shared Services Group is looking for an Analyst who will perform fusion analysis for our customers in security operation centers. The ideal candidate will:

  • Work with and be familiar with larger nation state threat actor groups
  • Detect nation state threat actor techniques, tactics, and procedures (TTPs)
  • Have the ability to perform all source analysis (taking open source reporting, classified reporting, as well as technical malware reports and tying activity together)
  • Have a solid understanding of network traffic / standard protocols (ex. HTTP, SMTP, DNS)
  • Work with malware / performing static/dynamic malware analysis
  • Create formal reporting products
  • Have a passion for security related work
  • Work in an Intel environment, having had previous work in a SOC/NOC as either an incident responder or intrusion detection analyst
  • Perform threat hunting
  • Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
  • Provide incident response and/or detection.

Educational Requirements

  • BS and 10 years related experience or relevant experience.
  • Technical certifications such as CISSP, CEH or other cert.
  • Have a certification - prefer IAT II (SEC+) and CND-IR (CEH, GCIH) DoD 8570 compliant

Qualifications

  • Experience with network traffic / standard protocols (ex. HTTP, SMTP, DNS) or past threat experience
  • Experience with analysis of malware.
  • Experience with either ThreatConnect, VMRay, Splunk or a similar tool
  • Experience with nation state threat actor techniques, tactics, and procedures (TTPs) with ability to hunt threat actors on an internal network
  • Experience with source analysis (taking open source reporting, classified reporting, as well as technical malware reports and tying activity together)
  • Experience with writing YARA signatures and implementing them in a Security Onion sensor grid
  • Secret Clearance
     
Desired
  • Previous work in a SOC/NOC as either an incident responder or intrusion detection analyst
  • Experience utilizing VirusTotal Intelligence to perform retrospective hunting analysis
  • Previous experience leading a team of threat hunters

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.