Cyber Team Six Threat Intelligence Engineer

Location: Arlington, Virginia

Job Description

CyberSponse is seeking a qualified professional to support the Cybersecurity Protection Team [CPT] or “Cyber Team Six.” CyberSponse provides incident response, remediation, forensics, proactive response and strategic cyber planning services for U.S. Federal Agencies and various partners at critical locations. The Threat Intelligence Engineer is responsible for developing informational and analytic products to increase situational awareness of current and emerging cybersecurity threats and risks. This also includes reporting on underlying patterns of behavior by conducting a detailed analysis of incidents, threats and risks and associated impacts and consequences, vulnerabilities, tactics, techniques, and procedures (TTP), and other malicious and non-malicious indicators.

The Threat Intelligence Engineer will work in concert with the Federal Leadership Team, Intra-agency Partner Groups and Project Management community to qualify and prioritize resource demand, support project delivery, and serve as a key touch point for customers. The Threat Intelligence Engineer will assist the Cyber Team Six Team Lead and is responsible for supporting CT6 management with daily operations including tracking threat intelligence related deliverables for multiple federal customers.

The Threat Intelligence Engineer will help support all stakeholders by establishing, enhancing, and sustaining optimal technical and operational practices, processes, and standards.

The Threat Intelligence Engineer must demonstrate relevant domain expertise of an Enterprise Cybersecurity Incident Response Team, Cyber Threat Intelligence, and Cybersecurity Operations. The successful candidate will confidently and successfully develop accurate standard operating procedures based upon best practices that can be utilized on multiple projects.

Duties and Responsibilities

  • Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits
  • Utilize experience analyzing and synthesizing information with other relevant data sources, providing guidance to analysts and operators, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with available threat feed data
  • Communicate to CyberSponse team members and senior leadership both quantifiable and qualified cyber risk to the organization through operational briefings and threat intelligence reports
  • Has in-depth knowledge of security systems and understands the life cycle of network threats, attacks, attack vectors, and methods of exploitation
  • Possesses the ability to use in-depth knowledge to identify and present actionable intelligence to team members and senior leadership
  • Develop and maintain analytical procedures to meet changing requirements and ensure maximum operations
  • Perform other official duties as assigned

Requirements/Experience

  • Bachelor’s degree in computer related field, plus 5 years of professional experience or equivalent work experience
  • Demonstrated experience and advanced knowledge of security systems analysis, testing, and documentation
  • Knowledge of virtual environments, network operating systems, mobile device environments, and data encryption methods
  • Demonstrated expertise in communication protocols, network operating systems, servers, firewall implementation, IPS/IDS systems, and advanced malware detection systems
  • Must be able to multi-task and work independently on moderate to complex assignments using independent professional discretion and judgment as well as transition quickly between projects with minimal supervision
  • Ability to communicate effectively, both orally and in writing, with elected officials, senior staff, information systems professionals, and technical and non-technical users
  • Ability to comprehend and integrate complex computer technology and software into an effective information systems security program. Must have the ability to verify the solution meets the requirements
  • Ability to maintain effective working relationships with colleagues, users, contractors, and vendors
  • One or more of the following preferred (CISSP, GIAC, EnCE, CCE, CEH)

Additional Requirements

  • US Citizen (REQUIRED)
  • Ability to pass a Background Check – AND – Drug Test (REQUIRED)
  • Ability to obtain Secret/TS clearance at the request of the Gov.

Message from the CEO

“CyberSponse is a company built on trust, loyalty and honor. The management team truly cares about each team member of the Company and is very protective and selective of extending offers to new hires. We are all driven to maintain a culture that enables you to perform your best work, grow your professional and personal skills allowing you to fulfill your goals and career objectives. We are also confident you will also make some good friends along the way too. You will see that we care for and protect our team members, their families, their financial security, and are determined to help each of our team improve their way of life. We believe that without loyalty a team or individual cannot be successful. We look forward to continuing our process to see if this is a good fit for both parties.” – Larry Johnson

Apply

If you are interested in this opportunity and would like to learn more, please contact CyberSponse Human Resources with a current resume and cover letter at HR@CyberSponse.com.

About CyberSponse

CyberSponse provides an enterprise-grade secure platform using innovative technology to increase response efficiency with cyber security tools, as well as management of response teams’ daily activities. CyberSponse’s Automation platform incorporates a proprietary embedded collaboration technology designed to create, test and manage efficient automated response plans. The CyberSponse platform is the only solution of its kind in the market, operating with enterprise customers and on a very fast growth trajectory. Our vision is to make the solution easy to use and, by integrating legacy technology systems through our robust API connectivity, to ensure it is not just another cyber security tool but the central nervous system of the entire network.