Cyber Threat Analyst


Company: Customer Value Partners

Location: Washington, DC 20011

Description:

Overview

CVP is an award-winning healthcare and next-gen technology consulting firm recognized for excellence and innovation in the solutions we have provided our clients across healthcare, national security, and the public sector.

We are seeking a Cyber Threat Analyst to join our team of experts tasked with securing the critical networks and systems our clients depend on.

Responsibilities

  • Validate and confirm critical security events and assess the impact of each event.
  • Use industry-standard tools to conduct threat hunts across the network.
  • Research and maintain information on current security threats and apply knowledge to the security capability.
  • Author intrusion detection signatures as well as other detection mechanisms and coordinate with Security Engineering to implement.
  • Interface with the intelligence community in order to better develop and identify malicious activities and events that connect over time to form a pattern of attack.
  • Write cyber threat intelligence (CTI) products and brief CTI consumers at all levels.
  • Recover data like documents, photos and e-mails from computer hard drives and other data storage devices that have been deleted, damaged or otherwise manipulated.
  • Find evidence of illegal activity involving cybercrime offenses and examine computers that may have been involved in other types of crime.
  • Use expertise to protect computers from infiltration, determine how a computer was broken into, or recover lost files.
  • Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files.
  • Automate workflow processes via scripting with Python or similar.
  • Correlate data from multiple sources to form an analysis based on the evidence researched.
  • Provide analysis support for Tier 1/Tier 2 personnel.
  • Work with the Cyber Threat Intel Team and maintain threat indicator feeds.
  • Build and maintain client and stakeholder relationships.
  • Complete projects/deliverables on time and with quality.


Qualifications

  • Must be eligible to obtain a Public Trust government security clearance (US Citizenship required).
  • Bachelor's Degree in Cybersecurity, Information, or Computer-related field.
  • Five (5) years of experience or more in Cyber Incident Response is accepted in lieu of education.
  • Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management.
  • Three (3) years or more of cybersecurity incident response field experience, including at least two (2) years directly engaged with technical activities.
  • Security+ (plus) Certification.
  • Ability to detect anomalies in large amounts of data.
  • Familiarity with common scripting languages, such as PowerShell.
  • Experience with writing intelligence/investigation reports and incident summaries.
  • Experience with Splunk.
  • Two or more years of experience in several of the following tools: HUMINT, SIGINT, CI, All-Source, Tanium, Microsoft Defender for Endpoint.
  • Excellent communication skills, both written and oral.
  • Operational knowledge of types of vulnerability assessors, including vulnerability assessment tools, wireless network detection, and non-signature-based discovery and case handling tools.
  • Experience with:
    • Intrusion Detection and Prevention Systems (IDS/IPS).
    • Monitoring network security events in an Enterprise Environment.
    • Producing security event reports for management.
    • Producing security metric reports for management.
    • Security Information and Event Management (SIEM) systems.

Desired Skills
  • One or more of the following certifications:
      • Certified Forensic Computer Examiner (CFCE).
      • Certified Hacking Forensic Investigator (CHFI).
      • CompTIA Cybersecurity Analyst (CySA+).
      • Certified Ethical Hacker (CEH).

Location

This position is remote/work from home three days and onsite at the USDA office two days.

In-person USDA office location may be either Kansas City, Missouri or Washington, DC.

About CVP

CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation.
