Cyber Threat Intelligence Analyst 10/11/2017
United Launch Alliance
Job Title
Cyber Threat Intelligence Analyst
The Cyber Threat Intelligence Analyst and Liaison is an integral part of the ULA Information Security Team. The primary function of the role will be to identify, process, and analyze cyber threats, establish the extent of each threat and its potential impact to the environment, and work with the team to manage the risk.
Triage, process, and analyze cyber threats originating from the various Intel feeds and analytics systems.
Perform detailed analysis of threats, combining sound analytical skills with advanced knowledge of IT security and network threats.
Analyze cyber threat data and correlate with understanding of existing environments.
Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious activity.
Review weekly, monthly, and on-demand threat intelligence reports.
Liaise with service providers, ISACs, ISAOs, and enforcement organizations to ensure a continual flow of updated threat data.
Articulate security issues, analysis, and remediation techniques to peers, leadership, and across business lines.
Respond to technical security questions and concerns from the business.
Gather, maintain, and analyze cyber-security data and other key performance indicators for regular executive review.
Maintain a strong awareness and understanding of the current threat landscape.
Conduct research on emerging security threats and potential impact.
Conduct research on and communicate emerging security tools to meet organizational needs.
Develop and manage security status metrics reports to Leadership.
Coordinate and conduct special projects as directed by the ULA CISO.
Provide Information Security Incident Response & Assessment Mgmt.
Perform Information Security Forensics.
Perform Cyber Investigations.
Oversee Penetration Testing Service coordination.
Plan, coordinate, execute, and report on sophisticated ethical intrusion exercises to identify cyber vulnerabilities and reduce the risk posture of the enterprise systems.
Simulate tactics, techniques, and procedures of a variety of threat actors, and make recommendations on effective countermeasures.
Leverage advanced big data security analytics to identify complex threats.
Implement enhancements to the monitoring and detection content.
Functional Job Description
Safety to Self and Others: Must be able to perform all assigned tasks in a safe manner. While performing the duties of this job, the employee may be exposed to repetitive motion injuries due to keyboarding or to cuts and bruises due to typical office accidents.
Physical Demands: While performing the duties of this job, the employee is regularly required to use computer and office equipment and to use hands to type, manipulate, handle, and feel; reach with hands and arms; talk; and hear. The employee frequently is required to stand, walk, and sit. The employee is occasionally required to climb, balance, bend, stoop, kneel, or crouch. The employee must regularly lift and/or move up to 10 pounds and occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision and ability to adjust focus.
Work Environment: The noise level in the work environment is typical of most office environments with telephones, personal interruptions, and background noises.
Mental Functions: While performing the duties of this job, the employee is regularly required to communicate verbally and in writing and use interpersonal skills. The employee is regularly required to prioritize, multitask, analyze, interpret, coordinate, compile, evaluate, synthesize, compute, problem solve, concentrate, and think critically. The employee is occasionally required to copy, instruct, and negotiate.
Judgment and Decision-Making: Work is regularly assigned by self, supervisor, and departmental staff. While performing the duties of this job, the employee is regularly required to exercise prudent judgment, decision making, and analytical skills to determine manner and operational steps necessary to properly handle inquiries and perform daily tasks within professional standards. Decision making is guided by ULA policies and procedures.
All tasks described in the job description must be met by an employee to successfully perform the essential functions of this job. The duties and responsibilities listed are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of fundamental job duties and responsibilities does not exclude them from the position if the work is similar, related or a logical assignment for the position. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.
Security Clearance / International Traffic In Arms Regulations (ITAR)
This position requires use of information which is subject to the International Traffic In Arms Regulations (ITAR). Therefore, all applicants must be U.S. Persons as defined in ITAR 120.15 (e.g., U.S. Citizen or Permanent Resident (Green Card holder) or protected individual). Also see 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3) for additional information.
ULA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity, national origin, disability, protected veteran status or any other categories protected by law.
ULA is a participant in the federal E-Verify Program.
External Additional Requirements
Bachelor's degree in Computer Science, Information Technology, MIS or equivalent.
4 years Information Technology experience.
2 years professional experience working in Information Security in a computer/network/security analyst role monitoring systems.
Eligible and willing to hold and maintain a DoD Secret clearance with SCI potential.
Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation, with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Experience with SIEM systems, preferably Splunk.
Hold a proficient understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Excellent analytical and problem-solving skills.
Proven ability to effectively communicate technical security requirements across multiple lines of business operations.
Knowledge of the Incident Management Process.
A motivated, self-managed individual who can demonstrate above-average analytical skills and work with peers and customers. Proven detail-oriented self-starter.
Strong written and verbal communication skills.
Hands-on experience with network IDS/IPS systems.
Proven ability to find, evaluate and succinctly summarize and analyze information.
Experience using common vulnerability detection and discovery tools.
Experience working in or with an outsourced service organization.