Tier 1 Cyber Threat Analyst

at  Criterion Systems Inc

Overview:
At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com.

CRITERION SYSTEMS IS A MILITARY/VETERAN FRIENDLY COMPANY, THEREFORE WE ENCOURAGE VETERANS TO APPLY.

Responsibilities:
Criterion Systems is seeking a Cyber Threat Analyst to support our customer in Las Vegas, Nevada!
The Cyber Threat Analyst will be a part of a Cyber Threat Analysis Center (CTAC) Team supporting the customer in cyber-threat hunting and associated investigations of systems developed and implemented to support the customer’s mission. The candidate will be part of a team that performs cyber-threat analysis to identify potential cyber-threat activity within networks/systems. The successful candidate will perform hands-on investigations that require critical thinking and a broad understanding of multiple technologies. The candidate will support development of presentations and reports to document findings and will require good communication and interpersonal skills to convey findings in the technical proficiency level of the intended audience.

SKILLS, EXPERIENCE, AND REQUIREMENTS

• US Citizenship (no dual citizenship).
• Bachelor’s Degree in Computer Science, Information Technology or related engineering discipline. Bachelor’s Degree can be substitute with 4 years of work experience in computer and information technology related field.
• Three (3) years of IT work experience with a preference in duties above.
• Active Department of Energy (DOE) “Q” Clearance OR Top Secret Security Clearance OR Secret with a T3 investigation or the ability to obtain a clearance.
• Possess excellent oral and written communication skills and critical thinking abilities.
• Capable of working independently and within teams to solve complex problems.
• Able to work across multiple organizations, cultures and service providers to pull together actionable information and management information.
• Practical knowledge of Splunk policies, filters and rules to improve event analysis and data correlation.
• Experience with incident response or other similar work experience.
• Knowledge of Windows and Unix/Linux Operating Systems.
• Ability to perform analysis of network traffic and protocols
• The following security certifications are highly desired: SANS FOR578, SANS SEC487, GIAC Cyber Threat Intelligence (GCTI).
• Possess NIST/NICE Threat Analysis approved certifications or the ability to obtain within the first six months of employment.

• Assist in the development and execution of cyber threat-hunting standard operating procedures (SOPs)
• Serve as a data analysis expert for output from a wide variety of cyber assessment tools and data analytics
• Assist in analysis tool development, configuration, implementation and use
• Analyze cyber-threat intelligence (e.g. actors, tools, exploits, malware, etc.) and determine TTPs used by threat-actors
• Analyze security events and data feeds for event detection, correlation from monitoring solutions, conduct triage and classify the output using automated systems for further investigation
• Assist in the discovery of cyber vulnerabilities and the investigation of global cyber security incidents, as required
• Develop cyber protection improvement recommendations that support the remediation and protection of systems
• Analyze and report on cyber-threats based on assessment and all-source intelligence
• Translate analytical findings into security “use cases” that can be implemented within available surveillance capabilities
• Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences
  Qualifications: