1 to 14 of 14 Permanent Threat Analysis Jobs

for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Primary Responsibilities: Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations Author, update, and maintain SOPs, playbooks, work instructions Utilize Threat Intelligence and Threat Models to create threat hypotheses Plan and scope Threat Hunt Missions to verify threat hypotheses Proactively and iteratively search through systems and networks to detect advanced threats Analyze host, network, and application logs in addition to malware and code Prepare and report … risk analysis and threat findings to appropriate stakeholders Lead cyber threat hunt missions with minimal supervision or guidance and recommend courses of action, best practices, and mitigating actions to improve security practices. Established ability to write clearly and concisely regarding technical and non-technical products based on more »

overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Primary Responsibilities: Will conduct cyber threat analysis, identifying mitigation and/or remediation courses of action; developing actionable intelligence used to protect organizational IT assets; and trending cyber threat metrics for leadership situational awareness . Responsible for maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and/or activities to enhance cybersecurity posture of an the organization's IT operating environment. Identify , track and investigate , and write technical products … for dissemination to stakeholders regarding high priority threat campaigns, malicious actors , APTs , emerging threats, etc . Bring a comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cybersecurity posture of the organization's more »

triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure. •Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors. •Security … Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender. •Threat Intelligence: Utilizing threat intelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities. •Collaboration: Collaborating with other members … in Kusto Query Language (KQL). Experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks. Strong understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies. Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations. more »

triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure. •Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors. •Security … Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender. •Threat Intelligence: Utilizing threat intelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities. •Collaboration: Collaborating with other members … in Kusto Query Language (KQL). Experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks. Strong understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies. Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations. more »

Description Leidos is seeking a talented Cyber Threat Intelligence Analyst to join our team to support a federal customer within the customers Security Operations. The Cyber Threat Intel Analyst will need a strong cyber security background with experience with the following: Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures). A comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cyber security posture of the organization's IT operating … least 5 years in incident detection and response and/or cyber intelligence analysis. Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management, and customer teams for purposes of situational awareness and making threat intelligence actionable. Provide support to security more »

Description Leidos is seeking a talented Cyber Threat Intelligence Analyst to join our team to support a federal customer within the customers Security Operations. The Cyber Threat Intel Analyst will need a strong cyber security background with experience with the following: Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures). A comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cyber security posture of the organization's IT operating … certs may be considered for additional years of experience in lieu of a degree. Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management, and customer teams for purposes of situational awareness and making threat intelligence actionable. Provide support to security more »

a member of the highly technical Operations Enhancement team supporting U.S. Customs and Border Protection (CBP), you will be responsible for in-depth technical analysis of network and endpoint logs & activity, developing signatures, alerts, rules, etc., to improve the security posture of the environment, developing processes and procedures for … result of hunt missions, penetration tests, tuning requests and others, to include signatures, alerts, rules, workflows, and automation. Identify, track, and investigate high priority threat campaigns, malicious actors with the interest, capability and Tactics, Techniques, and Procedures (TTPs). Coordinate with cross functional teams to improve threat detection … threats, and create content to monitor and alert on such activity/threats. Utilize the MITRE ATT&CK framework to understand TTPs of adversaries, threat actors, APTs, and threats targeting the customer agency and organize threat hunts around ATT&CK techniques and sub-techniques. Responsible for maintaining a more »

technical staff in line with the Trust IT policies. The Cyber Security Analyst will also be required to analyse complex data to identify potential threat actors, collate threat analysis and create cyber security management reports to communicate the threat and severity to the Digital Management team … that all trust assets are registered and managed within the security systems including SIEM/ATP/MECM/SNOW . Develop highly complex analysis of the network and the trust systems to ensure their security and identify anomalous behaviour. Work to continuously improve the maturity of the monitoring … desk and communicate with staff politely to resolve IT & Cyber Security related issues. Provide expertise and lead on cyber related investigations to provide accurate analysis of alerts and logs from the Trust SIEM and security systems. Led on the development of internal vulnerability management capabilities working with third parties more »

mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on … the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating potential threats and vulnerabilities to ensure that the organization is prepared to defend against them. Strategic Defense Implementation: Putting in place robust security measures to protect the organization's information assets. Cross-Team Coordination … unified security strategy. This role demands a proactive mindset, deep technical expertise, and strong leadership skills to navigate the complex and ever-evolving cyber threat landscape. It's about being always prepared, constantly learning, and effectively communicating to maintain and enhance the organization's security posture. Tasks & Responsibilities Evaluate more »

solutions and functional prototypes to demonstrate proof of concept and to enable rapid confirmation of design ideas. Follow secure development processes including contributing to threat analysis, participating in design reviews, and in code reviews. Resolve complex technical issues through research and investigation. Required profile: What we look for more »

growing Cyber team. What they’re looking for in you as their Security Operations Analyst: Commitment to continuous professional learning and development through ongoing threat analysis and being up to date with the future threat landscape. Working with security tools such as; Sentinel, Defender and Azure Incident … response planning for different Cyber Threats Monitoring of IT Security systems, providing trend analysis Implementing and maintaining firewall configurations What's in it for you? Competitive salary up to £55,000 25 Days holiday which can increase to 30+ days Pension Scheme Private medical Security Operations Analyst – Up to more »

Implementing secure network protocols such as SSL/TLS, HTTPS, SSH, SFTP, and secure industrial protocols for PRISMIC control systems. Conducting and maintaining ongoing threat analysis and risk assessment processes to proactively identify and mitigate potential security risks for PRISMIC systems. Ensuring high standards of software quality control more »

analyze security events for anomalous activity Be able to identify emerging security threats and develop/implement security programs Able to conduct vulnerability assessments, threat analysis, and reporting. Experience/understanding of Cloud PlatformsAWS/GCP and Firewalls Possess a related credential for ethical hacking and security risk more »

mission partners to deliver tailored Cybersecurity Service Provider (CSSP) solutions to USSF components. Workload will encompass Protective Domain Name Services, Attack Surface Management and Threat Intelligence Collaboration activities. Primary Responsibilities: Document and execute policies compliant with DoD, USSF, NSA, NISSPOM, and NIST Special Publications. Promote rigorous awareness of cyber … Cybersecurity Vulnerability Management alerts, bulletins, and Security Technical Implementation Guides (STIGS). Analyze unit host systems for indicators of Malicious Cyber Activity (MCA), Insider Threat, or lack of Defensive Cyber Operations best practices, document and report findings, and help implement risk mitigating corrective actions. Oversee Risk Management Framework (RMF … management and execution activities. Perform cyber threat analysis and reporting on information derived from various intelligence sources. Conduct Information Assurance and Cyber Defense training and briefings on an as needed basis. Basic Qualifications: Bachelor's Degree with 15+ years of relevant experience or Master's Degree with 12+ more »