Overview

Information Security Analyst/Threat Lead Jobs in Washington – District of Columbia – USA at Computer World Services (CWS) Corporation

Title: Information Security Analyst/Threat Lead

Company: Computer World Services (CWS) Corporation

Location: Washington – District of Columbia – USA

Type: Remote/Work from Home

Category: IT/Tech, Security

Position: Information Security Analyst (Threat Hunt Lead)

Job Description

The Threat Hunt (TH) Lead oversees a team responsible for proactively assessing data collected from various cyber defense tools to analyze events within organizational environments for identifying and mitigating threats. This role requires a deep understanding of cyber threats, advanced persistent threats (APTs), and the ability to leverage a variety of tools and techniques to hunt for indicators of compromise (IOCs) and adversary tactics, techniques, and procedures (TTPs).

Key Tasks and Responsibilities

Actively hunt for indicators of compromise (IOCs) and advanced persistent threat (APT) Tactics, Techniques, and Procedures (TTPs) on the network and on hosts using tools such as Microsoft Sentinel (formerly Azure Sentinel), Power BI, Tenable, and Microsoft 365 Defender.

Analyze threat actor activity, identify intrusions, create detections, and track campaigns.

Analyze collected data to identify trends in the security environment.

Escalate threat and IOC details to the Cybersecurity team for implementing additional security controls.

Leverage the Microsoft Sentinel security information and event management (SIEM) tool and other monitoring tools for security monitoring and proactive threat hunting.

Utilize threat intelligence and open-source cybersecurity outlets to enhance TH operations.

Develop and implement playbooks and automation objects for threat hunting capabilities.

Manage security-related events/incidents using CUSTOMER and DHS ticketing systems.

Utilize the CUSTOMER Security Orchestration, Automation, and Response (SOAR) tool for automating threat hunting and incident handling.

Research emerging threats and publish internal Threat Briefs.

Create reports and presentations on research and findings.

Recommend mitigation strategies based on IOCs and adversarial TTPs.

Collaborate with SOC and Cyber Security teams on research results.

Participate in DHS SOC status calls and working group meetings.

Support ad hoc meetings requiring TH expertise.

Update threat hunting status reports and act as backup briefer to Government at ITCSP weekly staff meetings.

Develop and maintain TH repository of findings and SOPs.

Support incident response efforts in collaboration with Cybersecurity and IT support teams.

Interface with DHS SOC and other agencies or companies as needed.

Provide threat hunting status reports to stakeholders.

Support efforts to advance the maturity level of threat hunting capabilities of the CUSTOMER SOC based on the DHS defined Maturity Model.

Support annual self-assessment of threat hunting capabilities against the DHS CSP maturity model.

Support threat hunting aspects of formal DHS CSP assessments and cybersecurity tabletop exercises.

Education & Experience

Bachelor’s degree (preferred).

Minimum 10 years of overall IT experience.

5 years of experience in a lead role managing a Security Operations Center or Threat Hunting team.

3 years of experience performing proactive threat hunting duties.

3 years of experience leveraging SIEM and SOAR products (Microsoft Sentinel preferred) for threat hunting du…



About Computer World Services (CWS) Corporation