Cybersecurity Technical Threat Analysis Team Lead

CSRA Inc., Rosslyn, VA 22209

Posted 2 months ago

Primary Location

Rosslyn, VA

United States

Job Requisition

RQ26734

Category

Information Technology


Program Description: Serves as the team lead for cybersecurity technical threat analysis and special operations in support of a major federal client. This organization provides services that analyze and produce enhanced cyber security and threat intelligence information to include threats and potential threats to the customer's information and information systems; provides timely and relevant technical analysis to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for the delivery of written and oral briefings to stakeholders and community partners across the Foreign Affairs community.

Functional Duties: The Cybersecurity Technical Threat Analysis Team Lead will oversee a team focused on the customer's overall cyber threat analysis efforts, and is responsible both for oversight and for performing advanced analysis of adversary tradecraft, malicious code, and Advanced Persistent Threat (APT) capabilities. In addition, this team: analyzes computer, communication, and network security events and exploits to determine security vulnerabilities and recommend remedial actions; conducts forensic, malicious code, and packet-level analyses to develop comprehensive technical reports stepping through the complete reverse engineering of incidents; and recommends countermeasures based on the identified tactics, techniques, procedures, and behavior patterns used by adversaries. This team is also responsible for developing alert criteria to improve incident response capabilities, and contributes to the development, writing, and review of SOPs.

In addition, the Team Lead works across multiple teams to gather and analyze both open-source and controlled information. Analysis may include identification of campaigns intended to compromise or misrepresent the interests of the USG. The candidate should possess experience with and knowledge of cyber threat and/or intelligence analysis, proven expert written and oral communication skills, including experience with executive-level presentations, and knowledge of the current state of cyber-related adversary tactics and trends. The candidate must be able to work quickly and be willing to complete ad hoc, time-sensitive assignments.

Responsibilities

  • Maintaining and evolving team organization, documentation, and processes, while adapting to emerging threats.

  • Building positive rapport across the USG to encourage information-sharing relationships and user reporting.

  • Sharing defensive techniques with other analysts, related teams, and customer senior officials, developing best practices recommendations and policies for unique use cases.

  • Working closely with customer leadership to prioritize workload and tasks.

Qualifications:

Education:

  • A Bachelor's Degree in Computer Science, Information Systems, Intelligence, Communications, Cybersecurity, or another related technical or liberal arts discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree.

Certifications Required: Global Information Assurance Certification (GIAC) Reverse Engineering Malware (GREM) or similar reverse engineering certification. Three (3) years of reverse engineering experience may be substituted for the GREM certification.

Certifications Desired: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Certified Ethical Hacker (CEH), Microsoft Certified IT Professional (MCITP), EnCase Certified Examiner (EnCE)

General Experience: 7 years of experience in advanced cybersecurity operations and threat analysis with increasing responsibilities.

  • Good working knowledge of cyber threat analysis

  • Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level

  • Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.

  • Previous experience building and documenting team processes, leading and training teams, and adapting to emerging technologies and threats.

  • Experience developing Standard Operating Procedures (SOPs), job aids, and hands-on training materials.

  • Demonstrated oral and written communications skills.

Specialized Experience:

  • Five years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet-level) network analysis. Static code reverse engineering experience may be substituted with comparable experience in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or a similar skill.

  • Three years of experience in intelligence or technical analysis with a focus on cyber threat analysis.

  • Experience analyzing emerging technologies for potential attack vectors and developing mitigation strategies

  • Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs

  • Experience with gathering open-source and controlled intelligence to develop predictive understanding of adversarial strategies, priorities, and overlapping interests

  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools

  • Experience monitoring open source and classified reporting to proactively identify indicators and potential threats and developing mitigation processes.

  • Proficiency in threat hunting, open source information analysis, and/or process automation.

  • Experience with network monitoring, email communications, and cyber intrusion techniques.

  • Experience in developing relationships throughout the USG, particularly the intelligence community.

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Post date: September 24, 2018

