GovStaff has a permanent opening for a Cyber Security Analyst under a key mission support program in Alexandria, VA. The selected candidate will be utilizing modern Cyber Threat Intelligence tools and platforms to monitor, evaluate, and respond to cyber security threats in a SOC environment. Due to the nature of the work, an active TS/SCI security clearance is required for consideration.

• Offering a competitive salary in the range of $105,000 to $130,000 - Depending on related experience, education, and certifications
• Excellent benefits including 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more
• Work is onsite in Alexandria, M-F, standard business hours.
• No remote work or hybrid work options available.

• Bachelor's degree in Computer Science, Computer Engineering, or related field
• 8+ years of prior relevant experience; additional years of experience may be substituted in lieu of a degree.
• Active or Current TS/SCI Security Clearance
• Experience with computer network defense (CND) technologies spanning endpoint, network, and open source.
• Cyber Kill Chain or MITRE ATT&CK experience.
• Experience with Threat actor TTP and indicator identification using large data sources.
• Must have a strong understanding of how enterprise endpoint and network components contribute to Threat Intelligence and adversary detection.
• 8570 IAT II certification is required prior to start. (Security +, SSCP, CySA+, GICSP, CCNA Security)
• Preferred 8570 CSSP-Analyst certification. If not, it must be obtained within 6 months of the work start date.
• Preferred experience working for a Cybersecurity Service Provider (CSSP) or in a Security Operations Center (SOC)
• Preferred experience using a prominent Security Information and Event Management (SIEM) (ex. Splunk, Elasticsearch, ArcSight, QRadar)
• Preferred Custom Signature development experience.
• Preferred Packet Analysis experience.

• Implement the core Threat Intelligence concepts (ex. Cyber Kill Chain, MITRE ATT&CK, DoDCAR)
• Reporting on new or emerging threats and threat vectors.
• Utilize SIEM technologies to correlate security events and logs and identify threats.
• Incorporate threat intelligence into countermeasures to detect and prevent intrusions and malware infections.
• Identify threat actor tactics, techniques and procedures based on indicators.
• Develops custom signatures and blocks.
• Understand and employ the MITRE ATT&CK Matrix.
• Recognize what you'll need to know to prevent or identify APT intrusions.
• Identify network architectures and select network components.
• Understand concepts of log and packet analysis
• Navigate the command line using specific expressions to manipulate data.
• Handle and organize disparate data about detections, attacks, and attackers.
• Employ discovery techniques and vetting of new intelligence.
• Create Situational Awareness Reports and Threat Briefs