Cyber Network Security/Threat Analyst 6/5/2020
Quantum Research International Inc
* Huntsville, AL, USA
* Full Time
Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cyber Security/Intelligence Programs Support; (2) Command, Control, Communication, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR); (3) Space Operations and Control; (4) Warfighter Support and Logistics; (5) Weapon System Analysis; (6) Acquisition Support; (7) Test and Evaluation; and (8) Audio/Visual Technology Applications. Quantum's Corporate Office is located in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Arlington, VA; Hampton Roads, VA; Bel Air, MD; Colorado Springs, CO; and Shalimar, FL.
Quantum is seeking a Cyber Network Threat Analyst to work as a member of their Cyber Threat Intelligence Team.
Perform network traffic analysis to identify anomalies and potential threats.
Research emerging threats.
Provide evaluations on the latest threats to customer's networks and data as well as suggestions and recommendations to counter these threats.
Support incident response by providing threat actor TTPs, known indicators of compromise, and analysis to aid in the incident response process.
Develop custom signatures for security devices to detect known and unknown threats.
Provide briefings to customer's senior officials on various topics including but not limited to: emerging threats, APTs, and recommendations for improving security posture.
* Technical Degree desired, but years of experience and certifications/training may be accepted in lieu of Degree (e.g. Security+, Cybersecurity Analyst/CySA+, Cyber Threat Intelligence/GCTI, Cyber Analyst Course). Experience in identifying and evaluating emerging and persistent threats, trends, TTPs, attribution, or threat hunting desired.
* Experience with threat intelligence tools and databases preferable.
* Experience with open source (OSINT) research (social media, blogs, IRC, deep/dark web, message boards) a plus.
* Knowledge of network and/or operating systems security (Intrusion Detection/Prevention Systems, Firewalls) desired. Knowledge of security operations and incident response technologies and methodologies a plus.
* Knowledge of scripting languages is a plus (Python, PowerShell, Perl, etc.).
* Experience in network and/or host-based forensics is a plus.
* Experience with analyzing NetFlow to identify malicious activity.
* Experience with analyzing multiple disparate data sources (passive DNS, threat feeds, vulnerabilities, attack surface, etc.) to enrich and aid in threat tracking/analysis.
* Experience with analyzing vulnerabilities to determine realistic impact/risk to customer's network is a plus but not required.
* Basic static/dynamic malware analysis is a plus but not required.
Selected applicants will be subject to a government security clearance investigation and must meet eligibility requirements for access to classified information.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Equal Employment Opportunity / Affirmative Action Employer.