SOC Threat Intelligence Analyst job – Blue Canopy Group – Virginia

Blue Canopy, LLC is seeking a Security Operations Center (SOC) Threat Intelligence Analyst to support our PRIME Federal Program in Northern VA/Washington, DC.

Fast-growing premier cyber-security company is expanding its security, privacy, and incident response practices. Our teams provide full-scope IT Security services including: Strategic Planning, Continuous Controls Assessments, Penetration Testing, Engineering, Privacy, Internal Controls, Security Operations Center, Incident Response, and Threat Intelligence Analysis. Our assessments follow well-defined and streamlined practices that use custom designed productivity enhancement tools designed to provide deep and broad situational risk awareness. Our pen-tests deliver the evidence that is often required to get the attention of senior management that compels them to take effective action to strengthen defenses. Our engineers deploy and configure cutting-edge enterprise tools (including: Splunk, RSA Archer, Bit9, McAfee, Palo Alto, Dambala, FireEye and more) for discovering intrusions and eradicating advanced persistent threats. Our Privacy and Internal Controls auditors deliver the information required to manage institutional risks to sensitive data and systems. Our SOC and CSIRT teams continuously develop and improve strategies to detect and validate active threats to the enterprise and respond to them rapidly and effectively. The Threat Intelligence Analysis teams provide acute situational awareness prior to attacks; assist with hunting and preventing threats that do not yet have a signature available to security appliances as well as providing timely briefings. We are growing our teams of skilled security professionals with those who are interested in taking their careers to the next level in cyber-security by developing innovative solutions that advance the state-of-the-art and deliver meaningful risk reduction.

Essential Job Functions

Monitor open and restricted sources of information as well as consult with other departments, agencies, and peers. The position also requires cultivating relationships with the aim of gathering intelligence relevant to the environment and its periphery.

Provide cyber threat analysis and reporting to support SOC and the program's situational awareness.

This person is a member of a high-tech Security Operations Center and will actively monitor security threats and risks, provide in-depth threat analysis, and evaluate security incidents.

Utilize the latest in security technology to assist in incident response.

Roles & Responsibilities

Collects, analyzes, and disseminates technical cyber threat intelligence, including the timely collection of advanced warning of impending IT vulnerabilities or threats, thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process.

Collect, analyze, catalog, and assist in the deployment of indicators of compromise (IOCs) to help refine detection and response efforts.

Collect, analyze, catalog, and store IOCs from internal security events detected.

Leverage online research expertise to identify and navigate relevant online forums, including web sites, social media, and traditional sources to support research and analysis.

Conduct research on emerging security threats, extract tangible behaviors, locations, indicators, vectors, and other methods to be used for hunting previously unidentified intrusions or intrusion attempts.

Maintain a knowledge database to identify threats by behaviors, identify motives, and identify emerging threats and trends.

Maintain knowledge of the tools available to the SOC in order to utilize them for research, and suggest methods and timing for employing actionable intelligence.

Continuously increase knowledge of new attacks and methods and use it to mature the program's countermeasure capabilities.

Develop threat trend analysis reports and metrics.

Work closely with the other teams to assess risk and provide recommendations for improving our security posture.

Assist in after-action analysis of computer security incidents by utilizing event documentation and supplementing it with available logs if needed.

Assist SOC analysts with monitoring network traffic for security events and perform triage analysis to identify security incidents when needed.

Author and update Standard Operating Procedures (SOPs) and training documentation.

Required Skills, Experience, & Qualifications:
Bachelor's degree (preferred) in Computer Science, Cyber Security, Intelligence Studies or related field and/or work experience.

Must have at least one (1) certification in the field of information security from a respectable security organization. Desirable certifications include, but are not limited to: FOR578 (Cyber Threat Intelligence), GCIH, GCIA, Security+, Network+, CEH, CISSP, CCNA (Security) or equivalent certifications.

Minimum of two (2) years of directly related experience.

Strong understanding of security monitoring methodologies such as packet capture, patterns, watch lists, black lists, log parsing, correlation, classification, event generation, and filtering.

Working knowledge of any of the following tools is preferred: Splunk, McAfee ePO, RSA Security Analytics, Wireshark.

Excellent written and oral communication skills.

Excellent presentation skills.

Self-motivated and able to work in an independent manner.

Candidates must be willing to work a determined shift in a 15/5 shift schedule working Mon-Fri, with shifts between 6:00am and 9:00pm in the SOC operational support environment. The candidate's shift will be determined based on business needs and current shift openings and may include a requirement to rotate shifts on a periodic basis (e.g. every three months).

Desired Skills & Experience:
SOC/CSIRT experience.

Cyber Threat and Intelligence gathering and analysis.

Network defense environments and Intelligence Community capabilities.

Clearance: US Citizen able to obtain and maintain Public Trust level clearance. (SF-85 and SF-86 submission required).

Operating at the intersection of mission and technology, Blue Canopy Group, LLC is one of the fastest growing woman-owned businesses in the Greater Washington, D.C. area. We focus on delivering outcomes that matter by harnessing the power of technology, combining governance with process improvement. We provide support to both Federal and Commercial clients in five areas: Mission Support Services, Cyber Security, Big Data Analytics, Cloud & Mobility and Agile Development. Our core values around commitment to clients and our people drive Blue Canopy in the relentless pursuit to innovate and help our clients problem-solve by building solutions as a team. Blue Canopy is headquartered in Reston, VA and employs over 400 highly skilled professionals.

Blue Canopy Group, LLC is EOE/AA/M/F/Vet/Disability