
Cyber Threat Analyst - Security Clearance - Hybrid Remote

Alyn Inc. in Atlanta, GA 30329
Hybrid work
$95,000 - $135,000 a year - Full-time


Full job description

Alȳn - TRUSTED. TESTED. PROVEN.

Building the cybersecurity industry to the exact specifications of tomorrow.

Alȳn Inc. partners with Fortune 50 and top government agencies to help develop or realign their Cybersecurity Operations programs with NextGen initiatives by evaluating organizational structure, roles and responsibilities, and business objectives. We place experts in the organization to help guide the realignment of the program or fill skills gaps for better efficiency and effectiveness.

Whether it be threat intelligence, threat hunting, big data analytics, red teaming, or digital forensics, Alȳn Inc. has been a trusted partner for over a decade.

Why join Alȳn:

  • Compensation range: $95,000 - $135,000
  • Upward growth opportunities
  • Medical, dental, and vision insurance
  • Paid time off
  • 401(k) with company match
  • Voluntary life insurance
  • Voluntary short- and long-term disability insurance
  • Excellent support team

Alȳn Inc. is seeking an experienced candidate to serve as a Cyber Threat Analyst. The successful candidate is well-versed in numerous security technologies, understands the motivations and capabilities of advanced threat actors, and can communicate risks and make recommendations associated with specific network threats. The Cyber Threat Analyst will conduct threat intelligence research and development and hunt operations for threat indicators discovered in intelligence or within security incidents shared by partner analysts.

Responsibilities:

  • Review and analyze security data within the SIEM and network traffic, such as full packet captures and/or NetFlow data, in order to detect traffic anomalies and identify infected systems and threat-actor-related activity based on known tactics, techniques, and procedures.
  • Monitor various security blogs, alerts and notifications, RSS feeds, and forums in order to keep abreast of the latest security news, attacks, threats, vulnerabilities, and exploits.
  • Create content feeds to detect malicious traffic based on known or detected indicators of compromise.
  • Create automated log correlations in Splunk, ELK, or a similar tool to identify anomalous and potentially malicious behavior.
  • Act in concert with Cyber Threat Intelligence to understand threats and to determine what risk these threats present to the client.
  • Incorporate CTI findings into threat hunting activities and workflow.
  • Contribute to incident response teams, maintaining relevant communication in emails, ticket summaries, analysis, and reporting. Work with Incident Handlers to provide recommendations for remediation of compromised systems and any relevant countermeasures.
  • Contribute to the development of advanced threat actor profiles unique to clients and based upon analysis of acquired malware samples.
  • Review, create, or document standard operating procedures, recommendations, project-specific documents, and resource guides as needed.
  • Conduct basic static and dynamic malware analysis.

Education:

  • BA/BS or equivalent
  • CISSP, GSEC, GCIA, or GNFA

Required Qualifications:

  • 5+ years of strong network security, threat hunting, and threat intelligence experience
  • Active Secret Clearance and eligibility to obtain a Top Secret security clearance
  • Must be a US Citizen
  • Understanding of a variety of security tools and data sources, including firewall logs, intrusion detection systems, Windows logs, event management, packet capture, SIEM, and EDR
  • Ability to create custom correlation rules to detect known or suspected malware traffic patterns within security tools
  • Packet-level knowledge of TCP/IP protocols and network applications and an understanding of TCP/IP routing behaviors
  • Solid knowledge of industry standard incident response procedures
  • Experience with MITRE ATT&CK Framework and documenting attacker TTPs
  • Strong analytical and critical thinking skills
  • Excellent writing and communication skills

Job Type: Full-time

Pay: $95,000.00 - $135,000.00 per year

Benefits:

  • 401(k)
  • 401(k) matching
  • Dental insurance
  • Employee discount
  • Flexible spending account
  • Health insurance
  • Health savings account
  • Paid time off
  • Professional development assistance
  • Referral program
  • Tuition reimbursement
  • Vision insurance

Schedule:

  • 8 hour shift
  • Day shift
  • Monday to Friday

Experience:

  • Cyber Threat Intelligence: 2 years (Required)
  • Threat Hunting: 3 years (Required)
  • Cyber Security Monitoring: 4 years (Required)
  • Splunk ES Analyst: 3 years (Required)

Security clearance:

  • Secret (Required)

Ability to Commute:

  • Atlanta, GA 30329 (Required)

Ability to Relocate:

  • Atlanta, GA 30329: Relocate before starting work (Required)

Work Location: Hybrid remote in Atlanta, GA 30329