Tyto Athene, LLC
Lead Cyber Watch Analyst
Tyto Athene, LLC, Arlington, Virginia, United States, 22201
Job Description
Tyto Athene is searching for a
Lead Cyber Watch Analyst to support our customer in Arlington, Virginia.
Responsibilities:
Utilize security tools to analyze, investigate, and triage security alerts Coordinate the monitoring of our customers environments, including cloud and SaaS solutions for evidence of adversarial activity Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidents Utilize advanced tools, such as digital forensics or malware analysis capabilities, to identify incidents’ root causes, scope, and impact Collaborate with cyber threat hunting and cyber threat intelligence teams Serve as the primary incident point of contact with law enforcement, third-party vendors, and other external parties Conduct post-incident analysis and lessons learned to identify improvement opportunities Develop or tune detection rules or signatures to improve the effectiveness of security monitoring and collaborate with engineering teams to implement them Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS) Learn new open and closed-source investigative techniques Perform research on emerging threats and vulnerabilities to aid their prevention and mitigation Assist in developing and implementing initiatives that will enhance the SOC’s performance (e.g., SOPs, playbooks, capability deployments) Escalate SOC performance issues or risks to management Provide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts to enhance their skills and capabilities Required:
Bachelor’s degree in Computer Science, Information Technology, or related field and 8 years of relevant experience or a Master’s degree and 4 years. CISSP or CEH certification; additional experience, formal training, certifications, and/or education may be substitutable at the client's discretion Experience in some of the following tools and technologies: EDR and SIEM The ability to take the lead on incident research and mentor junior analysts Understanding of MITRE ATT CK and D3FEND Knowledge of advanced attacker tools, techniques, and procedures (TTP) Current malware campaigns TTPs Experience with malware analysis Experience with digital forensics tools and case procedures Knowledge of enterprise architecture including zero trust principles Knowledge of Windows and Linux file systems Common phishing techniques and how to investigate them Proficiency in technical writing Experience in customer service or client-facing roles Experience presenting and speaking to leadership The ability to mentor Tier 1 and Tier 2 analysts Desired:
Previous SOC or incident response experience Working knowledge of regex and scripting languages is highly preferred Additional relevant certifications such as those from GIAC or CompTIA Experience with major cloud service provider offerings Knowledge of offensive security tools and techniques Experience with cyber threat intelligence gathering and analysis Experience with cyber threat hunting
Clearance: Active Secret Clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Additional Information
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Tyto Athene is searching for a
Lead Cyber Watch Analyst to support our customer in Arlington, Virginia.
Responsibilities:
Utilize security tools to analyze, investigate, and triage security alerts Coordinate the monitoring of our customers environments, including cloud and SaaS solutions for evidence of adversarial activity Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidents Utilize advanced tools, such as digital forensics or malware analysis capabilities, to identify incidents’ root causes, scope, and impact Collaborate with cyber threat hunting and cyber threat intelligence teams Serve as the primary incident point of contact with law enforcement, third-party vendors, and other external parties Conduct post-incident analysis and lessons learned to identify improvement opportunities Develop or tune detection rules or signatures to improve the effectiveness of security monitoring and collaborate with engineering teams to implement them Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS) Learn new open and closed-source investigative techniques Perform research on emerging threats and vulnerabilities to aid their prevention and mitigation Assist in developing and implementing initiatives that will enhance the SOC’s performance (e.g., SOPs, playbooks, capability deployments) Escalate SOC performance issues or risks to management Provide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts to enhance their skills and capabilities Required:
Bachelor’s degree in Computer Science, Information Technology, or related field and 8 years of relevant experience or a Master’s degree and 4 years. CISSP or CEH certification; additional experience, formal training, certifications, and/or education may be substitutable at the client's discretion Experience in some of the following tools and technologies: EDR and SIEM The ability to take the lead on incident research and mentor junior analysts Understanding of MITRE ATT CK and D3FEND Knowledge of advanced attacker tools, techniques, and procedures (TTP) Current malware campaigns TTPs Experience with malware analysis Experience with digital forensics tools and case procedures Knowledge of enterprise architecture including zero trust principles Knowledge of Windows and Linux file systems Common phishing techniques and how to investigate them Proficiency in technical writing Experience in customer service or client-facing roles Experience presenting and speaking to leadership The ability to mentor Tier 1 and Tier 2 analysts Desired:
Previous SOC or incident response experience Working knowledge of regex and scripting languages is highly preferred Additional relevant certifications such as those from GIAC or CompTIA Experience with major cloud service provider offerings Knowledge of offensive security tools and techniques Experience with cyber threat intelligence gathering and analysis Experience with cyber threat hunting
Clearance: Active Secret Clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Additional Information
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!