Cybersecurity Analyst

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING Role Title: Cybersecurity Analyst Location: Charlotte, NC (Remote) Duration: 12 months, possibility to convert Role Type: W2 Contract Engagement Job Description: The Cybersecurity Threat and Vulnerability Analyst is responsible for identifying, analyzing, prioritizing, and eradicating cyber threats and vulnerabilities across the company environment. The Analyst will analyze threat information and work closely with peers, other internal/external teams and management to ensure that information is properly disseminated to appropriate parties for action. The Analyst assists with supporting tools which perform vulnerability scanning, configuration monitoring, and Open Source Intelligence analysis. The Analyst also is responsible for following processes and procedures as defined by Cybersecurity leadership and the Threat & Vulnerability Management team. Employees at this level are expected to execute daily tasks with little supervision, solve complex problems, and provide leadership to others on areas of specialization. They are also expected to have advanced skills such as threat and vulnerability analysis, and have the ability to work independently to create and implement work products and initiatives. Responsibilities

• Thoroughly research and analyze emerging cyber threats and vulnerabilities, including those specific to ICS environments, distributing relevant information to impacted business areas to increase prevention and response capabilities.
• Track cyber threat actors/campaigns and techniques, tactics, and procedures based off technical analysis from government feeds and open source/third party intelligence.
• Prepare written analysis of cyber threats, campaigns, and threat actor groups.
• Respond to requests for ad-hoc reporting and research regarding cyber threat actors, campaigns, and associated tactics, techniques, and procedures.
• Provide subject matter expertise to the development of cyber operations specific indicators.
• Monitor and report on relevant threat activities and changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.
• Leverage tools and manual methods to perform public, deep and dark web searches for threats impacting the company.
• Monitor open source websites for hostile content directed towards organizational or partner interests.
• Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities.
• Develop and improve processes and metrics to advance and mature the threat and vulnerability management function
• Lead initiatives to improve the threat & vulnerability management function and promote best practices for remediating cyber threats and vulnerabilities
• Communicate and report on key intelligence, analysis and response activities, relevant metrics, and KPIs.
• Request and track mitigations to address cyber threats and support other coordination and remediation activities.
• Lead or participant in response efforts, including afterhours events, to emergent cyber threats, providing relevant threat and vulnerability analysis information.
• Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations.
• Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
• Utilize off-the-shelf or open source vulnerability scanning technologies to evaluate the security posture of information systems and applications.
• Perform risk assessments of identified vulnerabilities to determine and communicate necessary response actions required based on assessed level of threat.
• Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes to system or system components as needed.
• Provide technical support for tools which perform vulnerability analysis or configuration monitoring.
• Troubleshoot identified technical issues with tools and technologies and apply patches and perform upgrades.
• Work with application end users and other support personnel to troubleshoot and resolve identified issues.
• Develop and maintain comprehensive technical, process, and administrative documentation.
• Perform routine compliance reviews for in-scope devices as required by NERC CIP regulations.
• Configure and maintain reports, rules, tasks, jobs, and objects within vulnerability and integrity management applications to promote compliance with NERC CIP regulatory requirements.
• Assist with gathering evidence and responding to internal or external regulatory requests
• Train and assist other analysts on the policies and procedures of the Threat and Vulnerability team. Review their research, analysis and conclusions for completeness.
• Oversee execution of established operational processes and procedures by Threat and Vulnerability analysts to analyze, escalate, and lead remediation of identified threats and vulnerabilities.
• Work with Threat and Vulnerability manager to develop, establish and execute processes and procedures.
• Collaborate with Threat and Vulnerability manager and analysts to provide reports to the company's Cybersecurity leadership team.
• Help guide security quality and risk remediation priorities for code-level software reviews.
• Provide security remediation advice and training to technical personnel.
• Assist in maintaining and updating information security policies and standards.
• Collaborate with development teams to prioritize and remediate vulnerabilities throughout the software development lifecycle and to improve security program.
• Maturing application security and providing oversight into the program.

• Bachelors degree in Cybersecurity, Managing Information Strategies (MIS) or Computer Science or Bachelors in Other Related Degree.
• 5 years related work experience
• In lieu of Bachelors degree(s) AND 5 year(s) related work experience listed above, High School/GED AND 9 year(s) related work experience

• Bachelors degree in Cybersecurity
• In addition to desired degree, 3 years related work experience
• CISSP and/or EC-Council Certified Ethical Hacker and/or GCIH and/or GIAC and/or GCIA and/or GCFA
• Additional Job Description

• Experience in Cybersecurity, preferably with performing research on cyber threats and vulnerabilities and utilizing vulnerability assessment tools.
• Experience in a cybersecurity role, with emphasis on performing threat and vulnerability analysis
• Demonstrated capability to work with little management oversight and must have strong personal initiative.
• Experience researching and assessing cyber threats and vulnerabilities
• Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.)
• Knowledge of cyber intelligence/information collection capabilities and repositories
• Knowledge of cybersecurity domains, security practices, and cyber defense models, such as the Cyber Kill Chain® methodology & MITRE's ATT&CK Framework®
• Knowledge of telecommunications fundamentals and common networking and routing.
• General networking understanding and/or experience to include Understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, and SMB
• Knowledge of intelligence disciplines
• Knowledge of internal tactics to anticipate and/or emulate threat capabilities and actions
• Ability to utilize multiple intelligence sources across all intelligence disciplines
• Windows and UNIX/Linux command line scripting experience and programming experience (Python, Powershell, etc).
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on threats and vulnerabilities and provide briefings to various levels of staff / management.
• Ability to function effectively in a dynamic, fast paced environment
• Ability to research independently, multi-task, and meet deadlines under tight timeframes
• Ability to develop and maintain good working relationships with internal and external business partners
• Experience with writing and editing technical documentation and operational procedures
• Experience in developing and improving work processes
• Demonstrated effective problem solving & analytical s