Senior Cyber Threat Intelligence Analyst
Vienna, VA

Job Description

Email Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

* Competitive compensation with opportunities for annual raises, promotions, and bonus potential
* Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)
* On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VA campuses
* Consistently Awarded Top Workplace
* Nationally recognized training department by TRAINING Magazine
* An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

Navy Federal's Cybersecurity Operations team is a dedicated group of information security experts committed to protecting the credit union from cyber-based threats. We are looking for an experienced Senior Cyber Threat Intelligence Analyst who is passionate about threat intelligence to join our operational intelligence team.

Your primary responsibility will be conducting research identifying the credit union's critical assets and performing threat modeling and analysis on those assets. You will also lead external hunt activities that focus on unintentional opportunities that may be exploited by threat actors.

You will research and analyze exploits relevant to the credit union's vulnerabilities and produce actionable intelligence to develop or implement proactive defensive measures and improved response actions.

Join us and be part of a team that encourages personal development and promotes transparency and cross-team development.

Responsibilities:

* Perform intelligence-driven defense of critical assets
* Conduct intelligence collection and analysis of information obtained through external hunt activities
* Conduct research on threats, exploits, and vulnerabilities
* Perform advanced intelligence analysis using analytical tradecraft methods and forensic tools
* Analyze and make recommendations for remediating security vulnerability conditions
* Use commercial, open and communities-of-trust sources for information collection
* Use a combination of open source research, network, and host forensic analysis, log review and correlation to support investigations
* Apply knowledge of computer and network architecture to provide analysis during investigations, identifying adversarial activity and methods for future detection and prevention
* Assist with complex, sensitive incident response activities
* Produce intelligence products as needed, including developing comprehensive security write-ups that describe security issues, analysis, and remediation techniques to management and creating internal documentation, such as detailed procedures, playbooks, and operational metrics reports

Qualifications:

Target

* Previous experience in the following areas:

o In a senior role in cyber threat intelligence and information security

o Identifying critical assets and threat modeling

o Performing malware analysis in support of incident response activities

o Gathering external intelligence that highlights weaknesses in an organization's security posture

o Security Operations and Incident Response

* Ability to monitor and analyze logs and alerts from a variety of different technologies, including IDS/IPS, firewall, proxies, and antivirus across multiple platforms
* Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats
* Experience collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources to document results, analyze findings, and provide advanced threat intelligence
* Strong research, analytical, and problem-solving skills
* Ability to present findings and conclusions clearly and concisely to a range of audiences, including varying levels of employees, manager and executives, or vendors

Desired

* Experience with security tools related to enterprise log management, IPS/IDS, antivirus, firewalls, proxies, DLP, forensic analysis, and SIEM
* Knowledge of security architectures, devices, proxies, and firewalls
* CISSP, GIAC, or other related information security certifications
* Previous experience creating correlation content in a SIEM tool

Hours:

Flexible hours within a set of core hours

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability