LOOKINGGLASS CYBER SOLUTIONS is looking for a motivated Cyber Security Analyst to join our team. The Analyst will be responsible for providing decision makers with actionable intelligence to reduce the risk to the client’s technology infrastructure and data assets, and for pioneering efforts to design, implement, and manage the Cyber Security program.
OVERVIEW OF POSITION:
The Analyst will be expected to conduct threat assessments, vulnerability assessments, and statistical analysis, and to provide warnings, alerts, and bulletins to state, local, and private sector cyber partner entities. Additionally, the Analyst will work in collaboration with other security professionals to identify threats and vulnerabilities to the client’s Information Technology (IT) systems and develop intelligence products to inform its stakeholders. The Analyst should have a broad understanding and knowledge of information technology areas such as networking, systems programming, application development, disaster recovery, and/or web operations. By providing awareness of Advanced Persistent Threat (APT) actors, Tactics, Techniques, and Procedures (TTPs), indicators of compromise (IOCs), cyber security warnings, and operational readiness, the Analyst protects both private and public sector interests in the community, supports the security of technology infrastructure, and helps build trust in the community with the goal of improving cyber information sharing.
Bachelor’s degree or equivalent work experience of 2+ years in IT Network Security or Information Security;
Equivalent cyber competition experience may be accepted in lieu of years of cyber threat analysis experience;
Experience working in a cyber-threat analysis related function;
Experience working as a self-starter and being self-motivated, as well as being able to work collaboratively, and at times independently, with private, public, and academic sector threat intelligence teams;
Strong cyber security analytical and situational awareness skills;
Exceptional written and verbal communication and presentation skills;
Surface-level understanding of security event monitoring concepts and escalation processes;
Proficiency using network forensic tools and analysis techniques, with the ability to identify malicious traffic and infection vectors;
Preferred industry standard cyber security certifications such as CCNA, Security+, Network+ or Certified Ethical Hacker (CEH) Certification;
Be able to demonstrate a surface-level understanding of security event and incident monitoring concepts, mitigation steps, and escalation processes;
Be able to demonstrate a methodical, data-driven approach to security threat intelligence analysis using the kill chain;
Be able to stay ahead of the latest trends in cyber-criminal behavior, detection, mitigation procedures, and incident response techniques;
Be able to research and provide knowledge of APTs and their TTPs, malware, and the cyber-attacks attributed to them;
The ideal candidate may have extensive knowledge of a variety of cyber security domains and topics including cyber-crime tactics, techniques and procedures, computer forensics, hacktivism, Distributed Denial of Service attacks, malware analysis, host/network-based intrusion detection, network monitoring, IDS/IPS, firewalls, proxy servers, load balancers, and symmetric and public key encryption;
The ideal candidate may be able to speak to and provide technical analysis of various data log types from multiple operating systems, and origins such as Proxy, AD, Registry, and DLP;
The ideal candidate may have knowledge of scripting and/or programming languages including Python, PHP, Perl, Bash, C, or others;
Preferred experience or knowledge analyzing Netflow, DNS, Proxy, and web access logs;
Preferred experience or basic knowledge of network exfiltration techniques (Command & Control).
Additional analyst job duties may also include:
The daily review, exploitation and analysis of open source intelligence reports based on the fully licensed Cyber Threat Center’s Platform;
Open source/dark web research and analysis of collected incidents, postings, threat actors and events;
Research and analysis of relevant incidents, postings, threat actors and cyber events;
Compilation of metrics, graphs and data, and preparation of departmental and management presentations;
Analysis of artifacts from available online/cyber activity including, but not limited to domains, IP addresses, URLs, usernames, NICs, and other electronic IDs;
Analysis of economic, geopolitical and other “real world” events that may directly impact equities for the client.