Join Our Team
Threat Analyst (US-CERT)
- Job Title
- Threat Analyst (US-CERT)
- Requirement ID
- 27037345
- Location
- Arlington, VA 22203
- Other Location
- Description
-
Aveshka is seeking a Threat Analyst to support the Department of Homeland Security's United States Computer Emergency Readiness Team (US-CERT) efforts to improve the Nation's cybersecurity posture, coordinate cyber information sharing, and proactively manage cyber risks to the Nation while protecting the constitutional rights of Americans. US-CERT strives to be a trusted global leader in cybersecurity—collaborative, agile, and responsive in a dynamic and complex environment.
US-CERT is the 24-hour operational arm of the Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC). Through its 24x7 operations center, US-CERT accepts, triages, and collaboratively responds to incidents; provides technical assistance to information system operators; and disseminates timely notifications regarding current and potential security threats and vulnerabilities.Essential Functions:
- Database management in Microsoft Access
- All source cyber-threat research
- Technical Indicator Analysis
- Drafting analysis products: ie IBs, JARs, ARs, Whitepapers
In this position, currently, a candidate must be at a minimum knowledgeable of of TCP/IP Protocol, aware of typical threat actor attack methods and vectors. Candidates must also be self-starters, have some experience with either the Lockheed Martin Kill Chain, the “Diamond Model”, METT-TC, or other assessment frameworks which grant them the knowledge and ability to assess a threat with a logical and repeatable approach. Database entry is a large part of the current workload so they must accept this ‘housekeeping’ function. CTIS is currently in the middle of what appears will be an extended transition so work expectations, workload, and daily job functions shift every few months between technical analysis, production and threat analysis and information parsing.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Required Skills
-
• Bachelor’s Degree and experience of 4 years or more with:
• 2+ years of cyber threat analysis, network intrusion detection, or threat assessment experience and cyber certification
• TS//SCI
- Optional Skills
-
Desired Experience:
• 2+ years of SOC experience
• 2+ years of Threat Analysis
• Knowledge of how the internet works (what happens when you type “google.com” into a web browser)
• Understanding of the relationship between threats, vulnerabilities and exploitation
• Comptia Security+ Certified and some specialty certifications ( CEH or CHFI )
• DHS suitability
• Technical knowledge in how malware operates (interview question)
• Knowledge of how cybercriminals and hackers construct and execute campaigns (interview question)
• Experience with cybersecurity technologies (interview question)
• Intelligence tradecraft skills on how to uncover and interpret information about threat actors (interview question)
• Analytic and critical thinking skills to produce recommendations that are relevant and actionable (interview question)
• Knowledge of at least two CLAN sources (interview question)
- Openings
- 1