phia, LLC
Senior Cybersecurity Analyst (Threat Hunting and Pursuit)
phia, LLC, Lakewood, Colorado, United States
At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.
phia is hiring a Senior Cybersecurity Analyst (Threat Hunting and Pursuit) who can think like a cyber attacker and develop and implement creative methods to detect and thwart those behaviors. You’ll use your network defense experience and analytical skills to rapidly prototype and develop scripts to create haystacks and sift through the false positives to find patterns and indicators. Work with our team of cyber threat hunting experts to find the adversary in common blind spots and advise federal customers on ways to close gaps and harden their network. This job is performed on-site in Lakewood, CO (Denver area).
What You'll Do
- Actively hunt threats on client networks
- Investigate SIEM and other security application logs for suspicious and malicious behaviors
- Identify potential attack vectors and threat actor TTPs to support active network defense
- Investigate security incidents and provide detailed overview of the event from intrusion to mitigation
- Create behavior-based detections to monitor for suspicious and malicious activity
- Collaborate with Cyber Threat Intelligence analysts and SOC analysts to jointly harden client networks
- Review, improve, and implement complex network detections
- Train and mentor junior analysts on best practices and Blue Team TTPs
Education + Requirements
- Bachelor’s Degree
- 12+ years of cybersecurity/information assurance experience (defense or offense)
- Minimum of five (5) years technical experience effectively providing network and/or system administration, operations, and/or security testing and evaluation
- Familiarity with the US Intelligence Community and using intelligence to support cyber defense/mitigation work
- Familiarity with cyber hunt methodologies
- Experience working cyber issues to include offensive or defensive TTPs
- Understanding of foreign capabilities in IT or OT environments
- Experience providing forensic and data analysis support to cyber issues
- Experience with logging and data analysis platforms such as Kibana or Splunk
- Experience with data forensic tools, including Wireshark, Kali tools, encoders/decoders, etc.
- Experience working with Linux and command-line interfaces
- Knowledge of common malware functionality and operations
- Experience writing technical reports and briefing leadership
- Ability to provide on-site, full-time support in a client environment
Required Certification (one or more of the following):
- Minimum IAM or IAT Level III (i.e. one or more of CISSP, CCSP, CASP+CE, CISM, CISA, CCNP Security, GSLC, GCED, GCIH)
Additional Preferred/Desired Certifications (or similar):
- GIAC Certified Cyber Threat Intelligence (GCTI)
- GIAC Security Operations Certified (GSOC)
- GIAC Defending Advanced Threats (GDAT)
- GIAC Certified Incident Handler (GCIH)
- GIAC Enterprise Incident Response (GEIR)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Detection Analyst (GCDA)
- GIAC Certified Network Forensic Analyst (GNFA)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Critical Infrastructure Protection (GCIP)
- GIAC Response and Industrial Defense (GRID)
Security Clearance:
- U.S. Citizenship
- Active Top Secret required
- An agency background check is required
Desired:
- Experience in leading cyber exercises
- Experience with reporting IT Security events and incidents in the time prescribed based on policies and procedures
- Experience with effectively providing network or system administration, or computer operations
- Experience with forensics tools, Encase, IDA PRO, or Wireshark
- Experience with US critical infrastructure
- Experience with analyzing ICS and SCADA traffic
- Experience with cyber operations center environments
- Experience with writing technical reports and briefing leadership
- Knowledge of supporting the IC, national level system security initiatives, and secure Information, Local Area Network (LAN), and Wide Area Network (WAN) technologies
- Knowledge of virtualization
- Experience working in Purple Teams supporting Red and Blue Team exercises and testing
$150,000 - $180,000 a year
Who You Are
- A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.
- Intellectually curious with a genuine desire to learn and advance your career.
- An effective communicator, both verbally and in writing.
- Customer service-oriented and mission-focused.
- Critical thinker with excellent problem-solving skills.
If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.
Who We Are
phia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. We proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.
phia values work-life balance and offers the following benefits to full-time employees:
- Comprehensive medical insurance to include dental and vision
- Short Term & Long-Term Disability
- 401k Retirement Savings Plan with Company Match
- Tuition and Professional Development Assistance
- Flex Spending Accounts (FSA)
phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.