THIS IS AN ONSITE ROLE LOCATED IN WASHINGTON, D.C.

The IT Mission is to “solve and collaborate to meet organizational IT needs with secure, stable, and reliable solutions, focused on high end satisfaction in a cost-effective manner.” The IT Department is a group of collaborative IT professionals working to deliver world class support and innovation to a mostly US-based staff. Our tools and adopted technologies are contemporary and in some cases cutting edge.

The Senior Security Analyst is responsible for working with focus on multiple cybersecurity projects. This position will work closely with the rest of the IT team to provide advanced threat detection and response capabilities through the utilization of real-time intelligence, threat research, automation, and innovation. This individual will also work on projects related to risk remediation projects. This position will also have some special project management responsibilities.

Reports to: Director of Cybersecurity Program and Framework

Qualifications/Skills:

The candidate must possess the following skills and educational achievements:

• Must be a strategic thinker.
  
• Excellent verbal and written communication skills.
• Strong problem solving and research skills.
• Event analysis experience leveraging Security Information and Event Management (SIEM) tools.
• Incident investigation and response experience, including the ability to parse through logs and analyze log data.
• Deep knowledge of current threat landscape, including knowledge of malware operation and indicators.
• Deep understanding of penetration techniques.
• Mastery of cybersecurity standards and frameworks, and knowledge of audit requirements (e.g., NIST, PCI, HIPAA, etc.)
• Undergraduate or master's degree in Cybersecurity.
• Certification of one or more of the following, preferred: GIAC Cyber Threat Intelligence (GCTI) or Certified Threat Intelligence Analyst (CTIA) EC-Council
• Experience in cybersecurity of 4-6 years.
• Able to identify, select, track, and report on security metrics.

Detailed Duties:

• Build world-class MDR capabilities and improve existing threat hunting capabilities that align with the global direction.
  
• Investigate and analyze logs and security-related events utilizing existing tools in the environment. Improve the meaningfulness of alert and reduce the instances of false positives by calibrating the alert thresholds.
• Identify and respond to cyber threats occurring within client's networks.
• Stay up to date with current threat actors and the TTPs used by actively researching emerging Indicators of Compromise/Attack, exploits and vulnerabilities with the intent of operationalizing findings to better protect our networks.
• Fulfill responsibilities as it relates to POAMs generated from risk assessments.
• Lead time-sensitive projects tied to NIST CSF 1.1 compliance, including ensuring completion of such projects per agreed upon schedule.