Cyber Threat Detection & Response Analyst with Security Clearance

Description Position Summary Our Cyber Threat Detection & Response Analyst will support the Joint Service Provider (JSP) Defensive Cyber Operations (DCO) organization with Cyber Threat Intelligence products and network security monitoring and will perform as the analyst in area of cyber threat intelligence. Essential Duties and Responsibilities The essential functions include, but are not limited to the following: Implement the core Threat Intelligence concepts (ex. Cyber Kill Chain, MITRE ATT&CK, DoDCAR)
Produce reporting for new or emerging threats and threat vectors
Utilize SIEM technologies to correlate security events and logs and identify threats.
Incorporate threat intelligence into countermeasures to detect and prevent intrusions and malware infections. Identify threat actor tactics, techniques and procedures and based on indicators develops custom signatures and blocks.
Understand and employ the MITRE ATT&CK Matrix.
Recognize what you'll need to know to prevent or identify APT intrusions
Identify network architectures and select network components Understand concepts of log and packet analysis
Navigate the command line using specific expressions to manipulate data
Handle and organize disparate data about detections, attacks, and attackers
Discovery techniques and vetting of new intelligence
Create of Situational Awareness Reports and Threat Briefs
Participate in incident response activities including investigation, containment, eradication, and recovery
Document and escalate incidents according to standard operating procedures and coordinate with internal and external stakeholders as needed Requirements Minimum Qualifications (Knowledge, Skills, and Abilities) Bachelor's degree in an IT related field or equivalent years of IT related experience Active and current Top Secret federal security clearance
10+ years of cyber-related experience with demonstrated experience in threat detection.
Must meet DoD 8570/ 8140 IAT Level III certification requirements (e.g., CASP+, CISSP, or CySA)
Physical Demands and Work Environment The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate. Northern Technologies Group is an equal opportunity employer. We do not discriminate based on race, color, religion, sex, national origin, disability, age, or any other protected status under federal, state, or local law. Travel Up to 10% Shift Normal office hours that align with the core hours of the customer Note This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship. Salary Description $150,000 - $160,000