Crime Intelligence Analyst providing tactical analytical assistance for criminal investigations at FDLE. Compiling and analyzing intelligence data from various agencies for law enforcement.
About the role
- Cyber Threat Analyst position responsible for monitoring and analyzing security events for US government clients. The role involves leveraging AI/ML tools to enhance threat detection and response for security operations.
Responsibilities
- Responsible for performing triage on all security escalations and detections to determine scope, severity, and root cause.
- Monitor cyber security events, detecting incidents, and investigating incidents.
- Identify, recommend strategies, develop, and implement automation use cases leveraging AI/ML capabilities.
- Support deploying, configuring, testing, and maintaining Security Orchestration, Automation, and Response (SOAR) platform, and tools integrated with AI/ML capabilities to enhance threat detection, analysis and response.
- Develop, test and Implement dynamic Risk-Based Alerting (RBA).
- Identify and develop RBA and identifying use cases for SOAR and AI/ML.
- Monitor and analyze alerts from various sources such as IDS/IPS, Splunk, Tanium, MS Defender, SentinelOne and Cloud security tools leveraging SOAR and AI/ML capabilities, and provide recommendation for further tuning of these alerts when necessary.
- Analyze network traffic utilizing available tools and provide recommendations.
- Perform vulnerability assessments of recently discovered CVEs against internal systems and network.
- Assist in the process of configuring or re-configuring the security tools.
- Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, UNIX, Linux, as well as embedded systems and mainframes.
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements.
- Provide support to contract Program Manager, as necessary.
- Effectively communicates technical information to non-technical audiences.
- Influence others to comply with policies and conform to standards and best practices.
Requirements
- Bachelor's or Master's Degree in Computer Science, Information Systems, or other related fields.
- 8+ years of experience with security operations, threat hunting, and incident response.
- Experience in analyzing alerts from Cloud, SIEM, EDR, and XDR tools, and alerts tuning process with preference on SentinelOne, Armis, and Splunk.
- Experience in configuring network devices and analyzing network traffic.
- Experience with Artificial Intelligence and Machine Learning (AI/ML) based security tools.
- Experience in researching, developing, and implementing SOAR use cases.
- Familiarity with Security Orchestration, Automation, and Response (SOAR) platform.
- Familiarity with cybersecurity operation center functions.
- Experience configuring and re-configuring security tools, including SentinelOne and Splunk.
- Experience implementing Security frameworks, such as MITRE ATT&CK and NIST, and can interpret use cases into actionable monitoring solutions.
- CERTIFICATIONS (One or more required): CISSP or CISA or CISM or GIAC or RHCE.
- Excellent oral and written communication skills.
Benefits
- Must be able to obtain a Position of Public Trust Clearance.
- All candidates must be a US Citizen or have permanent residence status (Green Card).
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Lead Competitive Intelligence Analyst enhancing USAA's competitive insight capabilities in the Marketing organization. Conduct benchmarking and analyze competitor strategies to inform decision - making.
Senior Analyst for strategic decision support in the commercial area of Grupo Doce D'ocê. Focus on data analysis and insight generation for business growth.
Analyst for market intelligence in pricing and packaging strategies at Sólides, a company specialized in integrated HR technology. Responsible for competitive monitoring and pricing model development.
Analista de Inteligência Comercial conducting performance analysis and driving strategic insights for SLC Agrícola. Key responsibilities include pricing, budgeting, and KPI management.
Analista de Inteligência de Suprimentos Sr transforming data into strategic decisions at GOL Linhas Aéreas. Join our team of insight - driven professionals enhancing efficiency and compliance in procurement processes.
Analytic staff collaborating with law enforcement to support agricultural crime investigations in Florida. Researching data, developing intelligence, and presenting findings with a focus on criminal activities.
Defensive Counterintelligence Analyst supporting CMS initiatives in Woodlawn, Maryland. Analyze threat information and support intelligence inquiries while utilizing your expertise in multi - domain operations.
DMATS Insider Threat Analyst providing threat analysis and incident mitigation onsite and remotely for CMS. Collaborating with teams to enhance insider threat capabilities and situational awareness.
SCRM Intelligence Analyst supporting Medicare and Medicaid operations. Analyzing risk management efforts and collaborating with federal agency leadership.