Cyber-Intelligence Analyst III

McLean, VA
Sep 15, 2017
Sep 18, 2017
Analyst, Intelligence
Full Time
Overview: Vencore is a proven provider of information solutions, engineering and analytics for the US Government. With more than 40 years of experience working in the defense, civilian and intelligence communities, Vencore designs, develops and delivers high impact, mission-critical services and solutions to overcome its customers' most complex problems. Headquartered in Chantilly, Virginia, Vencore employs 3,800 engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do. Vencore is an AA/EEO Employer - Minorities/Women/Veterans/Disabled

Responsibilities: As a Cyber Security Systems Engineer, you will implement and conduct all engineering activities in accordance with the organization's relevant approved processes. You'll be working with some of our nation's best to solve challenging security problems and identify sophisticated adversaries in a fast-paced and continuously evolving environment, while helping steer the direction and evolution of the team.
The Analysis Cell evaluates threats to the environment and is responsible for enabling an intelligence-driven defense that detects potentially malicious events occurring within our customer enterprise networks.

Specific tasks may include but are not limited to the following:
- Construct and exploit threat intelligence to detect, respond, and defeat advanced persistent threats (APTs)
- Fully analyze network and host activity in successful and unsuccessful intrusions by advanced attackers
- Piece together intrusion campaigns, threat actors, and nation-state organizations
- Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise.
- Develop and produce reports on all activities and incidents to help maintain day-to-day status, develop and report on trends, and provide focus and situational awareness on all issues.
- Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
- Notify the management team of significant changes in the security threat against the government networks in a timely manner and in writing via established reporting methods.
- Coordinate with appropriate organizations within the intelligence community regarding possible security incidents.
- Maintain knowledge of the current security threat level by monitoring related Internet postings, intelligence reports, and other related documents as necessary.

Required:
- B.S. degree in computer engineering, cyber security, information systems, or related discipline.
- Minimum 5 years' experience in cyber security analysis or incident response.
- Any DoD IAT Level I or higher certification such as Security, A+, CISSP, CND-A or other information security certification.

Desired:
- Previous experience in cyber threat research
- Prior experience in researching APTs and malware campaign activity
- Ability to work with SNORT and YARA signatures
- Strong understanding of operating systems and network protocols.
- Experience with any security information management tool such as ArcSight, QRadar or Splunk Enterprise Security