Cyber Threat Intel Analyst

Integres, LLC is a Service-Disabled Veteran Owned Small Business (SDVOSB) which was established to provide high quality, insightful, agile information technology-based solutions to its customers. Integrity is a foundational element of everything we strive to do. We seek to develop solutions which respond to the evolving challenges that today’s organizations face using our own unique combination of industry best practices, and evolving techniques and technologies. We started Integres with the intent of building "a company with a soul". As such, we take a servant-leadership approach as the long-term strategy for our success. We are cultivating a corporate family culture which demands excellence and accountability while putting a premium on work/life balance. We empower and support our employees to contribute to achieving our corporate goals by interacting with our customers as true partners, rather than treating their engagement as just another job. We seek to be good corporate citizens and encourage and promote employee participation in community and volunteer work.

Duties and Responsibilities:

• Conduct all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber actors. Utilize threat intelligence platforms and tools to mitigate potential threats to users, networks, and data.
• Respond to computer security incidents in compliance with Information Security Policies and Industry Best Practices. Coordinate the efforts of and provide timely updates to multiple sectors and business units during incident response. Additionally, the candidate will provide security related recommendations to the team as threat events unfold.
• Provide information and assessments for the purposes of informing leadership and users/customers.
• Perform network security analysis in support of Intrusion Detection operations including the development and enrichment of indicators used to enhance the network security posture.
• Contribute to a team of information security professionals analyzing threat data, writing reports, briefing event details to leadership, and coordinating remediation activities across multiple State agencies.
• Ensures technical security improvements are effective and maintained within configuration management structures.
• Ensures technology employed by the Security Monitoring Team compliments operational processes.
• On occasion, provide extended shift coverage with minimal travel required.
• Monitor various information security related platforms and forums including Recorded Future, Anomali ThreatStream, SANS Internet Storm Center, Krebs on Security, and other forums and mailing lists to stay up to date on current network threats, attack methodologies and trends.
• Analyze the potential impact of new threats and exploits and communicate risks to relevant leadership and business units.
• Monitor the State of Maryland networks to find anomalous or malicious activity using various analytical methods and Security Event and Incident Monitoring (SEIM) tools in a fast-paced operational environment.

Required Skills and Qualifications:

• Bachelor’s Degree in Computer Science/Computer Engineering, Information/Network Security, Cybersecurity, or related field with 5-7 years of related work experience; OR equivalent experience in lieu of degree.

Required Skills/Certifications:

• Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
• Coursework and previous experience directly related to Cyber Operations environment.
• Experience with Splunk, ServiceNow, Recorded Future, Anomali ThreatStream, and other cybersecurity tools as required.
• Ability to work in a team environment ability to taking initiative to understand and master new operating systems, security applications and open-source tools.
• Knowledge with Windows and Linux operating systems and common applications, working knowledge of and experience in detecting malicious code and methods of infection (ports, attachments, etc.).
• Knowledge of information systems security concepts and technologies; network architecture and tools; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and open-source alternatives.
• Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
• Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
• Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).

Required Certification(s):

At least one certification from the CSSP Incident Responder Category (CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+ **, GCFA, GCIH, SCYBER, PenTest+)

Min. Citizenship Status Required: US Citizen

Location: Crownsville, MD (on-site)

Integres offers competitive salaries bolstered by a comprehensive benefits package, which provides safety and security for our employees and their families.  Our generous benefits package includes:

• Healthcare and Insurance: medical, dental, vision, short and long-term disability protection, basic life and AD&D insurance
• 401(k) Savings Plan
• Accrued Paid Time Off (PTO)
• Employee Recognition and Rewards
• Employee Referral Bonuses

Integres is an equal opportunity affirmative-action employer.  We encourage Minority/Female/Protected Veteran/Disabled applicants to apply.  Integres, LLC proactively fulfills its role as an equal opportunity employer.  We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime, or Campaign Badge Veteran, Armed Forces services Medal, or any other characteristic protected by law.

All your information will be kept confidential according to EEO guidelines.