KEYW Corporation

  • Threat Analyst

    Posted Date: 11/15/2018 10:53 AM
    Category: Cyber Security
  • Overview

    KeyW is seeking passionate professionals skilled in cyber security. Analysts should be familiar with a range of Computer Network Defense (CND) tools and capabilities. Analysts are instrumental in detecting and responding to threats and in assisting with forensic investigations, and must be capable of developing detection analytics in several different tools. Are you looking for a fast-paced environment filled with exciting challenges? Are you looking for a job that allows for growth in many skill sets? This is it!


    Responsibilities Include:

    • Reports to SOC Team Lead
    • Develop threat analytics to aid in detection of emerging threats
    • Incident Response Team Member – Assist with findings, remediation, and review of events
    • Daily checks for CTOC services
    • Research on emerging threats using open source data sets
    • Splunk Analysis
      • Review and Analyze Alerts (Close alerts with speed and efficiency)
      • Conduct Threat Hunting when no open alerts are available
      • Create data correlations and alerts based on discovered activity
      • Review alerts escalated by Tier 1 Jr Network Threat Support Specialists (JNTSS)
      • Escalate critical alerts for Tier 3 analysis
    • Bro Analysis
      • Creation and testing of custom rule sets
      • Review and analyze alerts
      • Review Bro logs for anomalous activity in support of hunting activity
    • Snort Analysis
      • Testing and review of rules to ensure proper execution against network traffic
      • Review and analyze Alerts
    • Packet Analysis
      • Deep packet inspection in support of hunting activity
    • Exercise Execution
      • Participate in RED/BLUE exercises and report after action recommendations to Team Lead
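    As an added illustration of the kind of detection analytic the hunting duties above call for (example code written for this page, not KeyW's own tooling), the following Python script flags beacon-like connections in a Bro conn.log: hosts that contact the same destination at near-constant intervals. The column names follow Bro's default conn.log header; the log rows themselves are constructed, and the two thresholds (minimum connection count, maximum coefficient of variation of the gaps) are assumed starting points that an analyst would tune against real traffic.

```python
"""Beacon hunt over a Bro (Zeek) conn.log.

Example code added for this page, not KeyW tooling. The log rows are
constructed; field names follow the default conn.log header. Thresholds
(min_conns, max_cv) are assumed starting points, not tuned values.
"""
import statistics
from collections import defaultdict

# Constructed conn.log excerpt: host 10.0.0.7 calls 203.0.113.5:443 roughly
# every 60 s (a beacon with small jitter) while also browsing
# 198.51.100.20:80 at irregular intervals; 10.0.0.9 touches the same
# suspicious host only twice, too few connections to judge.
_FIELDS = ("ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service "
           "duration orig_bytes resp_bytes conn_state").split()
_ROWS = [
    "1542294000.000 CBeac1 10.0.0.7 49152 203.0.113.5 443 tcp ssl 0.4 312 180 SF",
    "1542294005.000 CWeb1 10.0.0.7 49153 198.51.100.20 80 tcp http 1.2 540 8820 SF",
    "1542294012.000 CWeb2 10.0.0.7 49154 198.51.100.20 80 tcp http 0.8 420 3310 SF",
    "1542294060.000 CBeac2 10.0.0.7 49155 203.0.113.5 443 tcp ssl 0.4 312 180 SF",
    "1542294100.000 CWeb3 10.0.0.7 49156 198.51.100.20 80 tcp http 2.1 610 15020 SF",
    "1542294118.000 CBeac3 10.0.0.7 49157 203.0.113.5 443 tcp ssl 0.5 312 180 SF",
    "1542294130.000 CWeb4 10.0.0.7 49158 198.51.100.20 80 tcp http 0.9 430 2900 SF",
    "1542294181.000 CBeac4 10.0.0.7 49159 203.0.113.5 443 tcp ssl 0.4 312 180 SF",
    "1542294240.000 CBeac5 10.0.0.7 49160 203.0.113.5 443 tcp ssl 0.4 312 180 SF",
    "1542294300.000 CAd1 10.0.0.9 51000 203.0.113.5 443 tcp ssl 0.3 300 170 SF",
    "1542294360.000 CAd2 10.0.0.9 51001 203.0.113.5 443 tcp ssl 0.3 300 170 SF",
]
# Serialise in the on-disk shape: tab-separated rows, '#' metadata lines,
# and a '#fields' header naming the columns.
CONN_LOG = ("#separator \\x09\n#fields\t" + "\t".join(_FIELDS) + "\n"
            + "\n".join("\t".join(r.split()) for r in _ROWS)
            + "\n#close 2018-11-15-10-53-00\n")


def parse_conn_log(text):
    """Parse conn.log text into a list of dicts keyed by the #fields header."""
    fields, records = None, []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            if fields is None:
                raise ValueError("data row before #fields header")
            records.append(dict(zip(fields, line.split("\t"))))
    return records


def find_beacons(records, min_conns=4, max_cv=0.2):
    """Flag (src, dst, dport) tuples whose connection timing is too regular.

    Regularity is the coefficient of variation (stdev / mean) of the gaps
    between consecutive connections. Real beacons add jitter, so max_cv
    leaves slack rather than demanding identical gaps.
    """
    timestamps = defaultdict(list)
    for r in records:
        key = (r["id.orig_h"], r["id.resp_h"], r["id.resp_p"])
        timestamps[key].append(float(r["ts"]))

    hits = []
    for (src, dst, dport), stamps in timestamps.items():
        if len(stamps) < min_conns:   # too few samples to call the timing regular
            continue
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        mean_gap = statistics.mean(gaps)
        if mean_gap <= 0:              # everything in one instant: not a beacon cadence
            continue
        cv = statistics.pstdev(gaps) / mean_gap
        if cv <= max_cv:
            hits.append({"src": src, "dst": dst, "dport": dport,
                         "count": len(stamps), "mean_gap": round(mean_gap, 1),
                         "cv": round(cv, 3)})
    return hits


if __name__ == "__main__":
    for hit in find_beacons(parse_conn_log(CONN_LOG)):
        print("possible beacon: {src} -> {dst}:{dport} x{count}, "
              "mean gap {mean_gap}s, cv {cv}".format(**hit))
```

    On the constructed log only the 10.0.0.7 to 203.0.113.5:443 pair is reported (five connections, mean gap 60 s, cv about 0.03); the browsing traffic has a cv near 0.8 and the two-connection pair is below the sample floor. Against production data the same logic runs over a longer window (hours to days) and needs an allow-list for legitimately periodic destinations such as update and NTP servers, which is where most of the tuning effort goes.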


    Desired Skills:

    • Familiar with network terminology and protocol behavior
    • Familiar with open source CND tools (Bro, Snort, ELK, Moloch)
    • Familiar with rule creation based on signature and behaviors
    • Familiar with Encase, FTK or other forensic suites
    • Familiar with memory forensics
    • Familiar with scripting and automation tools and techniques
    • Familiar with AWS, Azure, Google Cloud function and networking
    • Skilled in *Nix, Windows
    • Skilled in Analysis
    • Skilled in report writing and briefing senior staff

    Experience and Education: 

    • 3+ years of experience in analysis in SOCs or similar Computer Network Defense (CND) capacity (or comparable skills)
    • 5+ years of experience in supporting clients in IT Security, Cyber Security or Information Security
    • Experience with at least one of the following tools: Bro, Snort, Splunk or a similar SIEM
    • Required: valid DoD 8570 IAT Level II certification
    • Preferred: valid DoD 8140 CSSP Analyst or CSSP Incident Responder certification

    About the Organization

    KeyW is a pure-play national security solutions provider for the Intelligence, Cyber and Counterterrorism Communities' toughest challenges. We support the collection, processing, analysis and dissemination of information across the full spectrum of their missions. We employ and challenge more than 2,000 of the most talented professionals in the industry with solving such complex problems as preventing cyber threats, transforming data into intelligence and combating global terrorism.


    KeyW, together with its direct and indirect subsidiaries, encourages and actively supports a policy of Equal Employment Opportunity and commits to provide equal opportunity to each individual, regardless of race, color, religion, gender, sexual orientation, age, national origin or ancestry, marital status, veteran status, disability or any other classifications protected by Federal, State or local law. In fact, we foster an environment that promotes diversity, balance and fun—because we believe in the importance of having a workplace as unique as the challenges we solve.


    Clearance Requirement: This position requires a TS/SCI Security Clearance, based on current background investigation. 


    KeyW is an EEO employer. We are committed to providing fair and equal employment consideration, regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability.


    How to Apply?

    Please click apply on the right.

