Senior Cybersecurity Threat Analyst – TS/SCI w/poly – United States

at CH2M & Jacobs
Location Fort Meade, MD
Date Posted February 1, 2019
Category Default
Job Type Full-time



Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting-edge cyber threat awareness and cybersecurity solutions; innovative web and software application development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.

Our forward-thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation's most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.

Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.

We continue to thrive and need your talent and motivation to help propel us farther, faster.

Jacobs is currently seeking a Senior Cybersecurity Threat Analyst to support our customer in the Columbia, MD area. In this role the Cybersecurity Threat Analyst will perform the following Discovery and Hunting Operations tasks in support of the customer's networks, systems, and applications:

  • Discover and characterize network and platform anomalies to include cross domain violations and submit findings to the Reporting Team Lead for analysis and report generation
  • Monitor, identify and analyze anomalous network activities on various networks
  • Conduct multi-source threat analyses to examine host behaviors and network traffic for high priority malicious attacks, anomalous traffic, or other incidents of interest, as well as generate reports as appropriate
  • Integrate Cyber Threat Intelligence to inform the customer of newly discovered threats and vulnerabilities associated with the technologies used in the enterprise, for the purpose of developing hunt analytics. Any shareable vulnerability information will be made available for traditional tipping and alerting to the broader customer base
  • Monitor adversarial capabilities, exploits, vulnerabilities, mitigation techniques, and best practices information and guidance through all-source research
  • Identify areas for deeper-dive analysis of threats and vulnerabilities
  • Examine network topologies to understand data flows through networks and provide mechanisms to tip countermeasures
  • Employ analysis and tools to discover new threat actors
  • Implement the applicable reporting guidelines outlined in applicable directives and guidance
  • Conduct research and planning required for strategy development in response to real-time operational requirements
  • Identify and document gaps in all data (e.g., netflow, syslog, etc.) that affect the customer mission in order to determine how to better posture mission capabilities
  • Develop, document and synchronize the recommendations and the tasking of signatures and YARA rule sets across sensors (e.g., IDS, FW, etc.) used by the customer


Basic Qualifications:

  • Typically requires a Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience, plus eight (8) to twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certifications. 
  • Master's degree in Computer Science or IT Engineering or related field of study may be substituted for six years of experience
  • Knowledge of systems configuration and management of firewalls, IDS, servers and workstations
  • Experience with Red Team and/or Penetration Testing
  • Knowledge of incident categories, incident responses, and timelines for responses
  • Experience collecting data and reporting results; handling and escalating security issues or emergency situations appropriately; providing incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data
  • Demonstrated experience supporting external investigations
  • Familiarity with software development and network operations concepts and methodologies
  • Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCase and open source alternatives 
  • Experience with the Windows and Linux operating systems 
  • Experience with investigating malicious code
  • Experience with scripting (PowerShell, Python, Java)
  • Experience with Wireless and SCADA is highly desired
  • Active TS/SCI with a polygraph

Additional Qualifications:

  • Demonstrated ability to apply technical and analytical skills in a security environment 
  • Ability to correlate incident data to identify specific vulnerabilities and make recommendations that enable remediation
  • Tier III Analyst experience, Network Analytics, Incident Investigations, Reverse Engineering and Malware Analysis, Task Prioritization
  • Strong comfort level with IPv4, TCP/IP, and RFC data, low level networking and protocols, TCP/UDP Ports for Apps, and understanding of what is normal/abnormal endpoint and on-wire activity
  • Knowing how to string together data, what questions to ask, and what activities will point to a target that we care about
  • Ability to think outside the box and an unwillingness to settle for conventional wisdom
  • Experience in a cloud environment using cloud analytics and Pig scripts/jobs to present data and using the Hadoop Distributed File System
  • Use of SIEMs or scripting to pull data into usable formats. Notification sources are Antivirus, HIDS, NIDS, IPS, and Firewalls
  • Ability to work extremely well under pressure while maintaining a professional image and approach 
  • Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause 
  • Strong analytical writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports
  • Ability to listen, understand and translate client requirements
  • Ability to effectively manage conflict and effect adequate solutions
  • Strategic planning skills, organizational skills, operating skills, and strong leadership

*Sign-on bonus is only applicable to external hires*

Essential Functions:
Physical Requirements:

  • Working at a computer or desk (Considerations: Sitting, Eyes, Hands)
  • May involve long periods of sitting

Work Environment:

  • An inside office environment (Considerations: Closed quarters, lighting, and temperature fluctuations)
  • Needs to be able to work well with and support co-workers and clients
  • Needs to have clear, concise and accurate communication skills

Equipment and Machines:

  • Standard office equipment and machines, computer workstation


  • Punctuality and regular attendance are necessary to meet deadlines
  • Regular attendance is necessary and required

Other Essential Functions:

  • Must be able to communicate effectively
  • Must demonstrate professional behavior at all times when dealing with clients, management and employees
  • Grooming and dress must be appropriate for the position and must not impose a safety risk to the employee or others
  • Must be able to support and work in a proactive team environment
  • Must hold the safety of yourself and those around you as the number one priority in the workplace


Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Jacobs is a background screening, drug-free workplace.

About Jacobs

Jacobs leads the global professional services sector delivering solutions for a more connected, sustainable world.

With $15.0 billion in combined revenue and a talent force more than 77,000 strong, Jacobs provides a full spectrum of services including scientific, technical, professional, construction- and program-management for business, industrial, commercial, government and infrastructure sectors.
