Gravity IT Resources

Job Title: Sr. Cyber Network Security Engineer/ Threat Analyst 

Location: Huntsville, AL

Job-Type: Contract/Contract to Hire

Referral Fee: $1200+

Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly 

Position Overview:

Our client provides our national defense and federal civilian and industry customers with services and products in the following main areas: 1) Cybersecurity and Information Operations; 2) Space Operations and Control; 3) Aviation Systems; 4) Ground, Air and Missile Defense, and Fires Support Systems; 5) Intelligence Programs Support; 6) Experimentation and Test; 7) Program Management; and (8) Audio/Visual Technology Applications. Our client's Corporate Office is located in Huntsville, AL, but they actively hire for positions nationwide and internationally. Our client prides themselves on providing high quality support to the U.S. Government and our Nation's Warfighters.

Job Description/Responsibilities

• Perform network traffic analysis to identify anomalies and potential threats.
• Research emerging threats.
• Provide evaluations on the latest threats to customer's networks and data as well as suggestions and recommendations to counter these threats.
• Support incident response by providing threat actor TTP's, known indicators of compromise, and analysis to aid in the incident response process.
• Develop custom signatures for security devices to detect known and unknown threats.
• Provide briefings to customer's senior officials on various topics including but not limited to: emerging threats, APT's, and recommendations for improving security posture. 
• BS degree in Computer Science, Computer/Electrical Engineering, MIS or equivalent field of study
• Experience in identifying and evaluating emerging and persistent threats, trends, TTPs, attribution, or threat hunting desired.
• Experience with analyzing multiple disparate data sources (passive dns, threat feeds, vulnerabilities, attack surface, etc) to enrich and aid in threat tracking/analysis.
• Experience with analyzing NetFlow to identify malicious activity.
• Experience with threat intelligence tools and databases preferable.
• Technical Degree desired, but years of experience and certifications/training may be accepted in lieu of Degree (e.g. Security+, Cybersecurity Analyst/CySA+, Cyber Threat Intelligence/GCTI, Cyber Analyst Course). Experience with open source (OSINT) research (social media, blogs, IRC, deep/dark web, message boards) a plus.
• Knowledge of network and/or operating systems security (Intrusion Detection/Prevention Systems, Firewalls) desired.  Knowledge of security operations and incident response technologies and methodologies a plus.
• Knowledge of scripting languages is a plus (Python, Powershell, Perl, etc.)
• Experience in network and/or host-based forensics is a plus.
• Experience with analyzing vulnerabilities to determine realistic impact/risk to customer's network is a plus but not required.
• Basic static/dynamic malware analysis is a plus but not required.  
• Selected applicants will be subject to a government security clearance investigation and must meet eligibility requirements for access to classified information.