Cybersecurity Threat Analyst 1

at ECS Federal, LLC
Location Fairfax, VA
Date Posted July 13, 2020
Category Default
Job Type Full-time


ECS is seeking a Cybersecurity Threat Analyst 1 to work in our Fairfax, VA office.   

Job Description:

  • Work with a 24/7 team of new and experienced analysts to improve their skill and value to the team.
  • Evaluate new methodologies to support investigating cyber security incidents and provide reviews and recommendations.
  • Drive the hunting of threats within the internal network and assist with hunting methodologies for customers.
  • Support investigation of large- and small-scale cyber breaches.
  • Develop new capabilities to enhance the analysis of ingested data.
  • Understand current exploits, attack methodology, and detection techniques using a wide variety of security products including COTS and open source.
  • Manage cyber threat intel sources and a threat intelligence platform.
  • Analyze intelligence from both internal threat intelligence data as well as leverage external sources.
  • Experience with intrusion detection software, Bro, Suricata, Snort and commercial capabilities.
  • Experience tracking and identifying threat actors.
  • Utilize the SIEM (McAfee Security Enterprise Security Manager) to correlate events and identify indicators of threat activity.
  • Perform endpoint detection and response with a variety of commercial and open source tools.
  • Conduct analysis of multiple data sources to identify indicators of compromise.
  • Communicate cyber events to internal stakeholders, both verbally and via written reports.
  • Potential for off duty work and other tasks assigned 

Required Skills:

  • Undergraduate degree in computer science, engineering, information science or a related technical discipline preferred
  • 1-2+ years of related experience in cybersecurity or computer network defense
  • Demonstrated relevant experience as a key member of a threat intel, incident response, malware analysis, or similar team.
  • Tangible experience combatting APT activity is a distinguishing factor
  • Ability to speak to the Mitre ATT&CK Framework a plus
  • Prior experience with McAfee Enterprise Security Manager and Crowdstrike Falcon desirable.  
  • Ability to support ad hoc python script is not required, but highly desired if candidate has the capability.
  • Willingness to travel up to 25%.

Desired Skills:

  • Security+, CEH, or GSEC certification

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.