Information Security Analyst - Threat and Vulnerability
Allegis Group
- Hanover, MD
- Permanent
- Full-time
- Correlate threat data from various sources. Conduct research and evaluate threat intelligence to develop in-depth analysis and assessment on threats to critical networks and infrastructure components.
- Conduct cyber intelligence analysis, coordination, and interaction across networks and infrastructure components.
- Support the identification and impact classification for new vulnerabilities identified in the environment.
- Execute and support vulnerability assessments, penetration testing and social engineering activities.
- Support the implementation, adoption, configuration, and maintenance of T&V tools.
- Conduct analysis and aggregation of vulnerability data from various Allegis Group and external sources.
- Conduct periodic reviews of SOC security event activities to identify trends for potential efficiency and potential gaps with services.
- Provide InfoSec Leadership team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures.
- Incident and Problem management system support, working with Security Operations Centers and SIEMs.
- Develop and maintain analytical procedures to improve security incident identification and response efficiency.
- Support InfoSec leadership and architecture teams to identify capability gaps in vulnerability management services and tools.
- Interact with entities across OPCOs to understand information criticality and use cases for detection of threats targeting such data.
- Develop strong working relationships with counterparts within Information Services (IS).
- Conduct incident response actions for security incidents as directed by leadership team, including during off-hours as needed.
- Create and maintain T&V metrics data.
- Continue self-development of knowledge, skills, and abilities to better support execution of the InfoSec analyst function.
- Bachelor's degree in the field of MIS, Cybersecurity, computer science, information systems or computer engineering or equivalent experience.
- 3 to 5 years of experience with identifying, analyzing, and communicating cyber threat and vulnerability information.
- Experience applying threat and vulnerability analysis models; examples include the Lockheed Martin (LM) Cyber Kill Chain, the Diamond Model of Intrusion Analysis, the MITRE ATT&CK Framework, and the Common Vulnerability Scoring System (CVSS).
- Understanding of Agile and ITIL methodologies.
- Ideal candidates will hold one or more of the following certifications:
- CISSP, NET+, SEC+, SANS GIAC (GISF, GSEC or other)
- Ability to conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc.)
- Ability to operate effectively with minimal supervision.
- Ability to prioritize activities to support program execution.
- Familiarity with malware reverse engineering concepts.
- Rapid7/InsightVM security scanning and management tools.
- Familiarity with Data Loss Prevention and threat detection systems.
- Basic understanding of Federal/International regulations related to information security (GDPR, ISO, NIST, SSAE, HIPAA, FISMA, etc.)
- Ability to support the development and enhancement of security policies, standards, and processes.
- Working knowledge of information services capabilities including network, system, database, encryption & identity technologies.
- Excellent verbal and written communication skills.
- Demonstrated ability to think strategically and perform detailed analysis and data interpretation.
- Effective interpersonal skills, the ability to build consensus, and interface with all levels of staff.
- Ability to work under pressure and deal with ambiguous situations.
- Build relationships
- Develop people
- Lead change
- Inspire others
- Think critically
- Communicate clearly
- Create accountability