CYBER THREAT INTELLIGENCE ANALYST

Overview:

_{Quantum Research International, Inc. (Quantum) provides our national defense and federal civilian and industry customers with services and products in the following main areas: 1) Cybersecurity and Information Operations; 2) Space Operations and Control; 3) Aviation Systems; 4) Ground, Air and Missile Defense, and Fires Support Systems; 5) Intelligence Programs Support; 6) Experimentation and Test; 7) Program Management; and (8) Audio/Visual Technology Applications. Quantum's Corporate Office is located in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Aberdeen, MD; Colorado Springs, CO; Crestview FL; Orlando, FL, and Tupelo, MS}

Mission:

Quantum is seeking a Cyber Network Threat Analyst to work as a member of their Cyber Threat Intelligence Team.

Responsibilities:

• Perform network traffic analysis to identify anomalies and potential threats.
• Research emerging threats.
• Provide evaluations on the latest threats to customer's networks and data as well as suggestions and recommendations to counter these threats.
• Support incident response by providing threat actor TTP's, known indicators of compromise, and analysis to aid in the incident response process.
• Develop custom signatures for security devices to detect known and unknown threats.
• Provide briefings to customer's senior officials on various topics including but not limited to: emerging threats, APT's, and recommendations for improving security posture.

Minimum Qualifications:

• BS degree in Computer Science, Computer/Electrical Engineering, MIS or equivalent field of study. Years of experience (3 years plus preferred) and certifications/training may be accepted in lieu of Degree (e.g., Security , Cybersecurity Analyst/CySA , Cyber Threat Intelligence/GCTI).
• Experience in identifying and evaluating emerging and persistent threats, trends, TTPs, attribution, or threat hunting.
• Experience with analyzing multiple disparate data sources (passive DNS, threat feeds, vulnerabilities, attack surface, etc.) to enrich and aid in threat tracking/analysis.
• Experience with analyzing NetFlow to identify malicious activity.
• Experience with Splunk
• Experience with threat intelligence tools and databases.
• Experience with open source (OSINT) research (social media, blogs, IRC, deep/dark web, message boards).
• Knowledge of network and/or operating systems security (Intrusion Detection/Prevention Systems, Firewalls).
• Active Top Secret / Sensitive Compartmented Information (TS/SCI).

Preferred Qualifications:

• Knowledge of security operations and incident response technologies and methodologies.
• Knowledge of scripting languages
• Experience in network and/or host-based forensics.
• Experience with analyzing vulnerabilities to determine realistic impact/risk to customer's network.
• Basic static/dynamic malware analysis.
• Selected applicants will be subject to a government security clearance investigation and must meet eligibility requirements for access to classified information.

Equal Opportunity Employer/Affirmative Action Employer M/F/D/V:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.