Sr. Threat Analyst

Overview

This position description is subject to change at any time as needed to meet the requirements of the program or company. Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. V2X is seeking a motivated and dynamic Sr. Threat Analyst to serve as a Key Technical Staff Leader in supporting the Army’s Global Cyber Center (GCC). In this role, candidate applies deep organizational, technical, and analytical skills to protect and defend US Army Department of Defense (DoD) Information Network (DoDIN) resources. The Senior Threat Analyst will design, implement, automate, maintain, analyze, and optimize measures protecting systems, networks, and information.
Responsibilities

Major Job Activities: 

• Oversee monitor, detect, analyze, and correlate events for potential threat activity utilizing Security Information Event Management (SIEM) systems, Big Data Analytics, and other supporting platforms or applications.
• Lead exploratory and in-depth analysis of network traffic from security devices, analysis of host-based audit logs, malware analysis, trending of cyber incident reports, correlation of classified and open-source threat reporting, and linkages / integration with other agencies.
• Investigate and identify the cause, source, and methodology of compromises or incidents.
• Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
• Perform trend analysis on events and incidents to identify and characterize threats.
• Conduct open-source research to identify commercial exploits or vulnerabilities (i.e. Zero – Day) required response actions.
• Organize and conduct Cyber hunt missions that include, but are not limited to, examining information systems, network devices, and endpoints for indicators of compromise.
• Prepares formal comprehensive reports and presentations for both technical and executive audiences.
• Configure and optimize software and hardware detection and prevention capabilities.
• Perform host and network base signature development and standardization for implementation on end-point products or sensor grid.
• Develop, document, and refine Tactics, Techniques, and Procedures (TTP).

Material & Equipment Directly Used: 

Basic Office Equipment.

 

Working Environment: 

• Normal office environment.
• May require support during periods of non-traditional working hours including nights or weekends.

Physical Activities: 

Must be able to lift/push/pull 40 lbs. unassisted.

Qualifications

Education / Certifications: 

This position supports DCWF Work Role 541 (Advanced) and accordingly per DoD 8140.03 the candidate must possess Certified Ethical Hacker certification, ORGIAC Certified Intrusion Analyst (GCIA), OR one of the following DCWF requirements:

 

DCWF 541

                    OR                           DOD / Military Training

                  OR                   Certification

DoD / Military Training 4-11-C32-255S (CP) or 4C-255N (CP) or 4C-255A (CP) or A-531-0009 or A-531-0022 or A-531-0045 or WSS 012

CISSO or CPTE or CySA+ or CFR or FITSP-A or GCSA or GPEN or CCE or CISA or CISM or GCIH or GSNA

• ITIL v4 Foundation certification desired upon hire, required within three months of hiring date.
• U.S. citizenship is required.
• Active DoD TS/SCI (Top Secret/Sensitive Compartmentalized Information) Security Clearance.

Experience / Skills: 

• 5 years of applicable experience working with various data (network and system) technologies, with a minimum of two of those years focused on information systems security, cyber threats and SIEM event analysis.
• Excellent interpersonal, organization, writing, communicating, and briefing skills.
• Excellent analytical and problem-solving skills.
• ArcSight, AESS, JRSS, IronPort, Security Onion, Gabriel Nimbus BDP.

Supervisory / Budget Responsibilities:  

Acts in a technical based supervisory capacity.

 

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. V2X is an Equal Opportunity / Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.

Education / Certifications: 

This position supports DCWF Work Role 541 (Advanced) and accordingly per DoD 8140.03 the candidate must possess Certified Ethical Hacker certification, ORGIAC Certified Intrusion Analyst (GCIA), OR one of the following DCWF requirements:

 

DCWF 541

                    OR                           DOD / Military Training

                  OR                   Certification

DoD / Military Training 4-11-C32-255S (CP) or 4C-255N (CP) or 4C-255A (CP) or A-531-0009 or A-531-0022 or A-531-0045 or WSS 012

CISSO or CPTE or CySA+ or CFR or FITSP-A or GCSA or GPEN or CCE or CISA or CISM or GCIH or GSNA

• ITIL v4 Foundation certification desired upon hire, required within three months of hiring date.
• U.S. citizenship is required.
• Active DoD TS/SCI (Top Secret/Sensitive Compartmentalized Information) Security Clearance.

Experience / Skills: 

• 5 years of applicable experience working with various data (network and system) technologies, with a minimum of two of those years focused on information systems security, cyber threats and SIEM event analysis.
• Excellent interpersonal, organization, writing, communicating, and briefing skills.
• Excellent analytical and problem-solving skills.
• ArcSight, AESS, JRSS, IronPort, Security Onion, Gabriel Nimbus BDP.

Supervisory / Budget Responsibilities:  

Acts in a technical based supervisory capacity.

 

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. V2X is an Equal Opportunity / Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.

Major Job Activities: 

• Oversee monitor, detect, analyze, and correlate events for potential threat activity utilizing Security Information Event Management (SIEM) systems, Big Data Analytics, and other supporting platforms or applications.
• Lead exploratory and in-depth analysis of network traffic from security devices, analysis of host-based audit logs, malware analysis, trending of cyber incident reports, correlation of classified and open-source threat reporting, and linkages / integration with other agencies.
• Investigate and identify the cause, source, and methodology of compromises or incidents.
• Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
• Perform trend analysis on events and incidents to identify and characterize threats.
• Conduct open-source research to identify commercial exploits or vulnerabilities (i.e. Zero – Day) required response actions.
• Organize and conduct Cyber hunt missions that include, but are not limited to, examining information systems, network devices, and endpoints for indicators of compromise.
• Prepares formal comprehensive reports and presentations for both technical and executive audiences.
• Configure and optimize software and hardware detection and prevention capabilities.
• Perform host and network base signature development and standardization for implementation on end-point products or sensor grid.
• Develop, document, and refine Tactics, Techniques, and Procedures (TTP).

Material & Equipment Directly Used: 

Basic Office Equipment.

 

Working Environment: 

• Normal office environment.
• May require support during periods of non-traditional working hours including nights or weekends.

Physical Activities: 

Must be able to lift/push/pull 40 lbs. unassisted.

---