Cyber Threat Analyst 2

ECS
Fairfax, VA
Full-time

ECS is seeking a Cyber Threat Analyst 2 to work in our Fairfax, VA office.

Job Description:

As a leading managed cybersecurity services provider, ECS delivers a highly tailored and customized offering to each customer.

Our team is responsible for protecting the ECS corporate and customer networks. Our mission is broad, and our team is agile.

We will leverage your unique skills to help solve customers’ challenges, such as engineering a system to address a technical hurdle, protecting customer data, or consulting on a wide range of security topics.

You are empowered to engage and lead across multiple groups and must have the self-sufficiency and focus to work well without constant oversight.

Our SOC Shift Analysts are responsible for investigating threats targeting ECS’ internal network and commercial customers.

They support the commercial cybersecurity program during core and non-core business hours. This position requires you to work rotating shifts in a dynamic, fast-paced 24x7x365 operations environment.

As a shift analyst, you will have mentors to help guide you through your ECS journey.

Responsibilities:

  • Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection / prevention systems, firewalls, and host-based security systems.
  • Work with security information and event management (SIEM) to correlate events and identify indicators of threat activity.
  • Research emerging threats and vulnerabilities to aid in the identification of incidents.
  • Conduct log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
  • Correlate network, cloud, and endpoint activity across environments to identify attacks and unauthorized use.
  • Review alerts and data from sensors. Document formal, technical incident reports.
  • Analyze customer phishing email submissions to determine resolution.
  • Provide customers with incident response support, including mitigating actions to contain activity and facilitate forensics analysis when necessary.
  • Work with threat intelligence and threat-hunting teams. Maintain awareness of threat intelligence sources.
  • Maintain awareness of current cyber threats, attack methodologies, and detection techniques using a wide variety of security products, including COTS and open source.
  • Assist in the evaluation of new analytical techniques and capabilities to determine how they can integrate into a managed security offering.
  • Support the investigation of large- and small-scale cyber breaches.
  • Communicate cyber events to internal and external stakeholders.

Required Skills:

  • 3+ years of experience in a technology-centered role, or completion of a higher education degree in information technology, computer science, or cybersecurity.
  • Proven experience triaging detections in EDR, SIEM, SOAR and other security technologies.
  • Security+ certification (or equivalent).
  • Strong problem-solving and troubleshooting skills.
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
  • An ability to effectively influence others to modify their opinions, plans, or behaviors.
  • An understanding of organizational mission, values, goals, and consistent application of this knowledge.
  • Good judgment, a sense of urgency, and a demonstrated commitment to high standards of ethics, regulatory compliance, customer service, and business integrity.
  • Ability to support on-site travel with customers or at ECS offices within the United States or OCONUS. Any travel will be short in duration and well-planned.
  • Possess and maintain a U.S. Passport.
  • Wear professional business attire for in-person meetings and teleconferences with internal and external organizations.
  • Other duties, as assigned.
  • Ability to achieve a Secret clearance.
