for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Primary Responsibilities: Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations Author, update, and maintain SOPs, playbooks, work instructions Utilize Threat Intelligence and Threat Models to create threat hypotheses Plan and scope Threat Hunt Missions to verify threat hypotheses Proactively and iteratively search through systems and networks to detect advanced threats Analyze host, network, and application logs in addition to malware and code Prepare and report … risk analysis and threat findings to appropriate stakeholders Lead cyber threat hunt missions with minimal supervision or guidance and recommend courses of action, best practices, and mitigating actions to improve security practices. Established ability to write clearly and concisely regarding technical and non-technical products based on more »
overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Primary Responsibilities: Will conduct cyber threatanalysis, identifying mitigation and/or remediation courses of action; developing actionable intelligence used to protect organizational IT assets; and trending cyber threat metrics for leadership situational awareness . Responsible for maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and/or activities to enhance cybersecurity posture of an the organization's IT operating environment. Identify , track and investigate , and write technical products … for dissemination to stakeholders regarding high priority threat campaigns, malicious actors , APTs , emerging threats, etc . Bring a comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cybersecurity posture of the organization's more »
Description Leidos is seeking a talented Cyber Threat Intelligence Analyst to join our team to support a federal customer within the customers Security Operations. The Cyber Threat Intel Analyst will need a strong cyber security background with experience with the following: Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures). A comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cyber security posture of the organization's IT operating … least 5 years in incident detection and response and/or cyber intelligence analysis. Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management, and customer teams for purposes of situational awareness and making threat intelligence actionable. Provide support to security more »
Description Leidos is seeking a talented Cyber Threat Intelligence Analyst to join our team to support a federal customer within the customers Security Operations. The Cyber Threat Intel Analyst will need a strong cyber security background with experience with the following: Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures). A comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cyber security posture of the organization's IT operating … certs may be considered for additional years of experience in lieu of a degree. Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management, and customer teams for purposes of situational awareness and making threat intelligence actionable. Provide support to security more »
extend. You’ll also be expected to come into the office three days a week. What you’ll be doing: System improvements Vulnerability management Threat management Threatanalysis Reporting Process/Documentation writing, aligning to Azure benchmarking, aligning to CIS benchmarking Improvements to AppSec (including SAST, DAST … improvements Incident/investigation and resolution. What you’ll bring: Experience in Microsoft Azure and Defender Engineering. Application security experience including DAST & SAST. Microsoft threatanalysis experience and EASM tools. Strong security testing experience including penetration testing. Strong security baseline knowledge In-depth vulnerability management, resolution, and patching more »
technical staff in line with the Trust IT policies. The Cyber Security Analyst will also be required to analyse complex data to identify potential threat actors, collate threatanalysis and create cyber security management reports to communicate the threat and severity to the Digital Management team … that all trust assets are registered and managed within the security systems including SIEM/ATP/MECM/SNOW . Develop highly complex analysis of the network and the trust systems to ensure their security and identify anomalous behaviour. Work to continuously improve the maturity of the monitoring … desk and communicate with staff politely to resolve IT & Cyber Security related issues. Provide expertise and lead on cyber related investigations to provide accurate analysis of alerts and logs from the Trust SIEM and security systems. Led on the development of internal vulnerability management capabilities working with third parties more »
identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threatanalysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. … Response process and ability to speak with other business units from a technical perspective for the life cycle of an incident. Familiarity with major threat actor groups and TTPs. Knowledge of common enterprise-grade endpoint and network defense tools Experience working with logging technologies and large data sets. Knowledge more »
identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threatanalysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. … Response process and ability to speak with other business units from a technical perspective for the life cycle of an incident. Familiarity with major threat actor groups and TTPs. Knowledge of common enterprise-grade endpoint and network defense tools Experience working with logging technologies and large data sets. Knowledge more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on … the organization's security systems to detect any suspicious activities early. ThreatAnalysis: Evaluating potential threats and vulnerabilities to ensure that the organization is prepared to defend against them. Strategic Defense Implementation: Putting in place robust security measures to protect the organization's information assets. Cross-Team Coordination … unified security strategy. This role demands a proactive mindset, deep technical expertise, and strong leadership skills to navigate the complex and ever-evolving cyber threat landscape. It's about being always prepared, constantly learning, and effectively communicating to maintain and enhance the organization's security posture. Tasks & Responsibilities Evaluate more »
identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threatanalysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. … degree of impact on business results, and typically manages one or more groups of professional employees. Job Description Responsibilities Lead daily operations of the Threat Detection Engineering and the Security Operations Orchestration/Automation programs. Provide thought leadership for program improvements and new initiatives. Recommend and produce key metrics more »
identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threatanalysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. … degree of impact on business results, and typically manages one or more groups of professional employees. Job Description Responsibilities Lead daily operations of the Threat Detection Engineering and the Security Operations Orchestration/Automation programs. Provide thought leadership for program improvements and new initiatives. Recommend and produce key metrics more »
dot.NET Core under IIS You're on top of networking and connectivity, including BGP, and LACP. You're an advocate for security topics, including threatanalysis, security scanning - setup and analysis of results. Experienced in Scripting and automation in PowerShell or similar. Experienced with monitoring systems such more »
growing Cyber team. What they’re looking for in you as their Security Operations Analyst: Commitment to continuous professional learning and development through ongoing threatanalysis and being up to date with the future threat landscape. Working with security tools such as; Sentinel, Defender and Azure Incident … response planning for different Cyber Threats Monitoring of IT Security systems, providing trend analysis Implementing and maintaining firewall configurations What's in it for you? Competitive salary up to £55,000 25 Days holiday which can increase to 30+ days Pension Scheme Private medical Security Operations Analyst – Up to more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »
capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies. Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies. Prepare and perform … briefings appropriate for senior leadership (i.e., general officer or flag officer) Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities. Provide enterprise-wide cybersecurity, threatanalysis, countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways more »