Title: Cyber Threat Intelligence Analyst Client: U.S. Army Location: Fort Belvoir, VA 22060 • Provides cyber risk and threat identification by proactively and continuously monitoring the internal and external landscape for relevant events, risks and threats related to malicious code, vulnerabilities and attacks. • Performs monitoring and analysis of threat intelligence monitoring tool services, product contracts and … mitigation TTPs for identified malicious logic within the customer's environment. • Maintains current knowledge of tools and best practices in advanced persistent threats. • Regularly develops and produces succinct written intelligence reports constructed from technical analysis and collected threat information for ECMA internal consumers. • Contributes cyber security perspective to discussions and decisions regarding MITRE ATT&CK for Cloud.
Job Title: Cyber Threat Analyst Location: Huntsville, AL Type: Direct Hire Work Model: On-site Security Clearance: Active Top Secret, willing to sit for CI Poly Contact: Position Overview We are seeking a skilled Cyber Threat Analyst to join our team in Huntsville, VA. The analyst will monitor and assess cyber threats, investigate security incidents, and provide actionable … intelligence to strengthen the organization's cybersecurity posture. The ideal candidate will bring both technical expertise and an intelligence-driven approach to defending against evolving cyber threats. Key Responsibilities Monitoring & Analysis: Continuously monitor computer networks, investigate security breaches, and analyze threat activity. Threat Intelligence: Collect and evaluate data from open-source intelligence, dark web … agencies, and international partners to address cyber threats. Malware Analysis: Analyze samples to identify adversary tactics, techniques, and procedures (TTPs). Tool Development: Develop tools and automation to enhance threat analysis and intelligence collection. Continuous Learning: Stay current with emerging cyber threats, vulnerabilities, and industry best practices. Required Skills & Qualifications Active Top Secret clearance with ability to sit
TMC Technologies is in search of a mid-level Cybersecurity Analyst to join the FBI's ESOC Cyber Threat Intelligence (CTI) Team. The CTI Team is responsible for monitoring and analyzing external cyber threat data to provide insights and actionable intelligence about potential cyber threats. The candidate must be a US citizen and possess a minimum of an … required - Minimum of 5 years of relevant experience required - Experience with identifying indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by attackers required - Expertise in established cyber threat intelligence frameworks, such as MITRE ATT&CK required - Splunk experience required - Experience with open-source intelligence (OSINT) collection methods and tools preferred - Bachelor's Degree required - Preferred … certifications include: GIAC Cyber Threat Intelligence (GCTI) Microsoft Sentinel We are equal opportunity/affirmative action employers, committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status, or any other protected characteristic under state or local
Job Title: Cyber Threat Analyst Location: Huntsville, VA Type: Direct Hire Work Model: On-site Security Clearance: Active Top Secret, willing to sit for CI Poly Contact: Position Overview We are seeking a skilled Cyber Threat Analyst to join our team in Huntsville, VA. The analyst will monitor and assess cyber threats, investigate security incidents, and provide actionable … intelligence to strengthen the organization's cybersecurity posture. The ideal candidate will bring both technical expertise and an intelligence-driven approach to defending against evolving cyber threats. Key Responsibilities • Monitoring & Analysis: Continuously monitor computer networks, investigate security breaches, and analyze threat activity. • Threat Intelligence: Collect and evaluate data from open-source intelligence, dark web … agencies, and international partners to address cyber threats. • Malware Analysis: Analyze samples to identify adversary tactics, techniques, and procedures (TTPs). • Tool Development: Develop tools and automation to enhance threat analysis and intelligence collection. • Continuous Learning: Stay current with emerging cyber threats, vulnerabilities, and industry best practices. Required Skills & Qualifications • Active Top Secret clearance with ability to sit
transformation consultancy is seeking a Senior SOC Solutions Engineer to elevate its security operations capability. This is a hands-on engineering role focused on SIEM development, playbook automation, and threat modelling, delivering proactive defence across cloud and on-prem environments. You'll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional teams … improvement. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain IBM QRadar SIEM platform Onboard and normalize diverse log sources across hybrid environments Develop and tune analytical rules for threat detection and behavioural analysis Playbook Development & Automation Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps … XSOAR) Continuously refine automation based on threat intelligence and incident feedback Threat Detection & Response Monitor and investigate security alerts and anomalies Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or
and assess system and network security posture in accordance with DoD cybersecurity policies and tools Apply MITRE ATT&CK and/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance …/disciplines: System hardening across multiple OS platforms Networking and virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows
a Security Analyst. This is a Level 2 Information Systems Security (ISS) position that is staffed in the Security Operations Control Center (SOCC). Essential Functions: • Responsible for cybersecurity threat intelligence data collection via open intelligence sources. • Organizes, documents, and collaborates on discovered intelligence via an information sharing platform. • Researches threat actors, malware, attack vectors, and other … threat information, collects indicators of compromise, documents and advises management on prevention and remediation strategies. • Continually evaluates the accuracy of open source threat intelligence and evolves intelligence collection strategies as sources deteriorate or conflict. • Maintains and updates past intelligence as new information is provided. • Produces well-written reports outlining current industry threats, findings on the managed network … and best practices following detected threats. • Collaborates with other teams to locate and remediate threats based on intelligence collected and communicated. • Must be able to work in a fast-paced, ever-changing environment. Qualifications: • 2+ years related experience with BS/BA (Bachelor's) in Information Technology/Computer Information Systems or Cyber/Information Security; or 4-6 years
are actionable, enriching detection and response activities and informing risk and compliance stakeholders. Technical Architecture & Integration Design and implement a continuous monitoring reference architecture, leveraging SIEM, SOAR, UEBA, and threat intelligence. Establish enterprise logging standards covering log coverage, retention, encryption, access, and integrity requirements. Drive automation of monitoring workflows and correlation logic to reduce dwell time and improve detection … accuracy. Collaborate with threat intelligence teams to ensure real-time enrichment of event data and alignment with MITRE ATT&CK adversary tactics. Program & Capability Development Build the CCM capability from the ground up, defining the operating model, reporting cadence, and engagement with SOC, risk, and compliance. Develop and track KPIs, ensuring CCM effectiveness is measurable and communicated to … with at least 5 years in security monitoring, SOC leadership, or equivalent detection & response functions. Proven track record of building or maturing monitoring capabilities (SIEM, SOAR, telemetry pipelines, UEBA, threat intel integration). Knowledge of log ingestion, normalization, correlation, and enrichment processes. Familiarity with leading monitoring technologies: Splunk, DataDog, Microsoft Defender, CrowdStrike Falcon, Azure/AWS/GCP telemetry
and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat
Wolverhampton, United Kingdom Hybrid / WFH Options
Anson Mccade