Allegis Group, Inc

Information Security Analyst - Threat and Vulnerability

Job Locations: US-MD-Hanover
Job ID: 2024-2111
Category: Compliance/Risk
Type: Regular Full-Time

Overview

Job Summary:

The Information Security Analyst for Threat & Vulnerability will provide service and operational support to all ACS Information Security Office service offerings and capabilities. The InfoSec Analyst will support project work upon request.

The Threat & Vulnerability Analyst will be responsible for consuming threat intelligence from internal and external sources and converting that intelligence into actionable use cases and detection methodologies. The Threat & Vulnerability Analyst reviews security events and conducts additional analytics to determine whether an event requires additional incident response actions by Allegis Group InfoSec or other departments.

Responsibilities

Essential Functions:

  • Correlate threat data from various sources. Conduct research and evaluate threat intelligence to develop in-depth analysis and assessment on threats to critical networks and infrastructure components.
  • Conduct cyber intelligence analysis, coordination, and interaction across networks and infrastructure components.
  • Support the identification and impact classification for new vulnerabilities identified in the environment.
  • Execute and support vulnerability assessments, penetration testing and social engineering activities.
  • Support the implementation, adoption, configuration, and maintenance of T&V tools.
  • Conduct analysis and aggregation of vulnerability data from various Allegis Group and external sources.
  • Conduct periodic reviews of SOC security event activities to identify trends for potential efficiency and potential gaps with services.
  • Provide the InfoSec Leadership team with information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures.
  • Provide incident and problem management system support, working with Security Operations Centers and SIEMs.
  • Develop and maintain analytical procedures to improve security incident identification and response efficiency.
  • Support InfoSec leadership and architecture teams to identify capability gaps in vulnerability management services and tools.
  • Interact with entities across OPCOs to understand information criticality and use cases for detection of threats targeting such data.
  • Develop strong working relationships with counterparts within Information Services (IS).
  • Conduct incident response actions for security incidents as directed by the leadership team, including during off-hours as needed.
  • Create and maintain T&V metrics data.
  • Continue self-development of knowledge, skills, and abilities to better support execution of the InfoSec analyst function.

Qualifications

Minimum Education and/or Experience:

  • Bachelor's degree in the field of MIS, Cybersecurity, computer science, information systems or computer engineering or equivalent experience.
  • 3 to 5 years of experience with identifying, analyzing, and communicating cyber threat and vulnerability information.
  • Experience applying threat and vulnerability analysis models; examples include the Lockheed Martin (LM) Cyber Kill Chain, the Diamond Model of Intrusion Analysis, the MITRE ATT&CK Framework, and the Common Vulnerability Scoring System (CVSS).
  • Understanding of Agile and ITIL methodologies.
  • Ideal candidates will hold one or more of the following certifications:
    • CISSP, NET+, SEC+, SANS GIAC (GISF, GSEC or other)

Skills and Abilities:

  • Ability to conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc.)
  • Ability to operate effectively with minimal supervision.
  • Ability to prioritize activities to support program execution.
  • Familiarity with malware reverse engineering concepts.
  • Rapid7/InsightVM security scanning and management tools.
  • Familiarity with Data Loss Prevention and threat detection systems.
  • Basic understanding of Federal/International regulations related to information security (GDPR, ISO, NIST, SSAE, HIPAA, FISMA, etc.).
  • Ability to support the development and enhancement of security policies, standards, and processes.
  • Working knowledge of information services capabilities including network, system, database, encryption, and identity technologies.
  • Excellent verbal and written communication skills.
  • Demonstrated ability to think strategically and perform detailed analysis and data interpretation.
  • Effective interpersonal skills, the ability to build consensus, and interface with all levels of staff.
  • Ability to work under pressure and deal with ambiguous situations.

Core Competencies:

  • Build relationships
  • Develop people
  • Lead change
  • Inspire others
  • Think critically
  • Communicate clearly
  • Create accountability
