Job Description

Everforth ECS is seeking a Senior Cyber Incident Analystto work in our Arlington, VA office.

ECS is seeking talented professionals to join our successful and growing team supporting the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC)The JCDC is CISA’s flagship initiative for uniting government, industry, and international partners to proactively defend against cyber threatsOur ECS team is at the center of providing support to JCDC as they continue to plan, share, and respond to cyber threats in real time to support the greater cyber community, and we are looking to grow our team supporting this critical mission.

We are seeking a highly skilled and experienced Sr. Cyber Incident Analyst to join our team.

The successful candidate will foster collaboration and communication within a team of incident coordinatorsanalysts, develop and implement playbooksmitigation strategies supporting cyber threats and incident management, have expert-level communications skills that enable stakeholder and customer actions and decisionenablement. This role requires a strong understanding of cybersecurity principles, threat intelligence, and risk management.

The ideal candidate will provideincident management support for coordination with stakeholders and executivesgovernment leaders, providetechnical guidance for root cause analysis, risk and mitigation strategies and documentation of post-incident analysis/reporting. Familiarity with knowledge management tools such as Confluence or SharePoint to document workflows and communication methodsIncluding alignment with industry frameworks such as MITRE ATT&CK for incident management and cyber threat intelligence mapping, CVE and DHS/CISA KEV tracking. They will also collaborate with otherteams to satisfy customer requirements and develop and implement technical solutions to advance Threat Hunting, Incident Management,and Risk Mitigationcapabilities within FCEB, SLTT and Partner communities

Responsibilities:

• Create written guidance and recommendations to assist JCDC partners with solutions for active and ongoing cyber threats.

• Maintain and develop SOPs for current processes to streamline workflows.

• Analyze, develop and provide recommendations for process improvements to the customer.

• Perform analysis on active cyber incidents, events and vulnerabilities to provide guidance and targeted recommendations for mitigation efforts.

• Conduct threat intelligence research and analysis to stay up-to-date on emerging technologies, threats and trends Then apply this knowledge to develop efficient cyber risk mitigation strategies.

• Oversee the translation of strategic products into clear, practical formats that are tailored to the specific needs and operational constraints of different stakeholder groups, including large and small jurisdictions and critical infrastructure (CI) partners

• Provide tailored vulnerability mitigation recommendations and contextualized examples to stakeholders to address implementation challenges and encourage rapid adoption

Qualifications

• US Citizenship withthe ability to obtain and maintain DHS (Suitability) EOD/ Public Trust

• On-site 3-5 days per week in Arlington, VA

• Active Top Secret Clearance and SCI eligible.

• 10+ Years of previous experience in a threat intelligence, cyber security, incident response, or similar role

• Ability to expertly analyze and produce reports onactive cyber threats, including but not limited to, phishing, malware, and ransomware attacks

• Proven understanding of cybersecurity frameworks such as MITRE ATT&CK

• Proven understanding of computer and network fundamentals

• Strong understanding of computer architecture, operating systems, vulnerabilities, encryption, or other areas of expertise

• Ability to perform in-depth research tasks and produce written technicalsummaries to include insights and predictions based on an analytical process

• Expert level experience with developing, documenting, and maintaining Standard Operating Procedures.

• Excellent written and oral communication skills

• Ability to develop cyber threat reporting products that address risks and mitigation strategies using both OSINT and COTS solutions

• Familiarity with AI/ML concepts and applications that support Workflow and Incident Management process improvements.

• Proficiency with Confluence for creating, organizing, maintaining, and collaborating on technical and operational documentation