FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
FireEye is seeking an experienced, motivated Cyber Threat Analyst (CTA) to support our Federal customer. The CTA will work closely with the customer and be responsible for providing threat intelligence collection and monitoring, analysis, and reporting. The position is located on-site in Suitland, MD. The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. The candidate will provide operational support on expert level analysis with regards to Advanced Persistent Threats (APTs), Indicators of Compromise (IOC), Intelligence Gathering and sharing this information with other formalized partners.
* Gather, extract, and disseminate open source intelligence (OSINT) on threat actors targeting the Customer, other government agencies in general, as well as public sector.
* Provide proactive event monitoring/event management/configuration of the following security tools for targeted threats and malicious activity including but not limited to: Splunk, Threat Connect, Risk Vision, and RiskIQ.
* Provide Subject Matter Expert (SME) level evaluation on threats to an enterprise network as well as new technologies that could be leveraged to protect it by identifying security gaps with advanced analysis.
* Work with industry partners to gather and share intelligence. Apply intelligence to the Customer network and systems to proactively identify potential cyber threats.
* Review audit logs and identify any unusual or suspect behavior.
* Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks.
* Provide proactive APT hunting, incident response support, and advanced analytic capabilities.
* Profile and track APT actors that pose a threat to the organization in coordination with threat intelligence support teams.
* Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH). Provide security solutions and interpretations of security policies as they relate to specific security infrastructure, architectures and information systems in customer environment.
* Coordinate meetings, compile reporting and manage deliverables.
* Ensure IT security policies and controls are adequately addressed by conducting periodic quality control measurements including but not limited to IT security evaluations, audits, and reviews to verify that systems under customer purview are operating in a manner consistent with Customer, their Security Policies, controls and standards.
* Evaluate, document and coordinate technical cyber security capabilities of various groups supporting the client, with an emphasis on risk, compliance, controls and logging.
* Assist team in implementation and maintenance of various Cyber Operations systems and applications as needed; for example, NAC, IDS, etc.
* Secret or Top Secret Security Clearance preferred but not required
* Must be able to pass client background investigation
* Four or more years of CTA work experience.
* Certification (or ability to obtain certification) in at least one of the following areas: 1) Certified Counterintelligence Threat Analyst (CCTA), 2) Certified Cyber Intelligence Professional (CCIP), or 3) Certified Cyber Investigations Expert (CCIE).
* Advanced network forensic experience with the following application layer protocols HTTP/S, DNS, NTP, SSH, FTP, and SMTP.
* Experience with advanced cyber security tools, network topologies, intrusion detection, PKI, and secured networks.
* Experience interpreting and implementing cyber security regulations.
* Excellent verbal communication skills.
* Excellent written skills for preparing reports and briefings.
* Excellent analytical and problem solving skills.
* BS/BA degree from accredited university.
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
FireEye is a company providing cybersecurity solutions and services.