1404 Cybersecurity jobs in Reston

Our client is looking for a highly skilled and proactive Senior Cybersecurity Threat Intelligence Analyst to join their elite security operations team in Washington, D.C., US . This position plays a crucial role in safeguarding the organization's digital assets by identifying, analyzing, and disseminating actionable threat intelligence. The Senior Analyst will be responsible for monitoring global threat landscapes, tracking advanced persistent threats (APTs), and developing proactive defense strategies. Key responsibilities include conducting in-depth research on emerging cyber threats, vulnerabilities, and attacker tactics, techniques, and procedures (TTPs). You will analyze threat data from various sources, including open-source intelligence (OSINT), technical indicators, and proprietary feeds, to produce comprehensive threat intelligence reports. The role involves collaborating with incident response teams, security engineering, and IT operations to integrate intelligence into defensive measures. You will also be responsible for developing and maintaining threat models, conducting vulnerability assessments, and providing strategic guidance on cybersecurity best practices. A Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field is required; a Master's degree is preferred. A minimum of 7 years of experience in cybersecurity, with at least 4 years focused on threat intelligence, incident response, or security operations, is essential. Deep understanding of various threat actor groups, malware analysis, network security, and common attack vectors is mandatory. Certifications such as CISSP, GIAC, or CEH are highly valued. Excellent analytical, critical thinking, and communication skills are necessary to effectively convey complex technical information. Join our team and help us stay ahead of evolving cyber threats.

Ready to be pushed beyond what you think you're capable of?
At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system.
To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems.
Our is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be.
While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.
Security is a primary competency at Coinbase, and the Threat Intelligence team within Security Operations keeps a watchful eye over every aspect of it. Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience. As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we're well-equipped to protect the next billion users of crypto.
Join our dynamic threat intelligence team at Coinbase to enhance our threat intelligence platform. Your work will directly support our mission of securing crypto assets by developing capabilities within Vertex Synapse to address the evolving needs of our stakeholders and enhance the efficacy of our threat detection and response.
*What you'll be doing (ie. job duties):*
* Develop and integrate external and internal enrichments and power-ups with Vertex Synapse
* Collect and support stakeholder intelligence needs through tool development within Vertex Synapse to satisfy collection management requirements
* Quickly create and fine-tune tools to improve security operations processes and ensure the tools integrate into data processing pipelines
* Enhance the efficiency of processes within Vertex Synapse related to the collection, analysis, storage, tagging, and enrichment of indicators of compromise (IoCs) and associated data to improve the detection and mitigation of cyber threats
* Work closely with security operations teams to align on collection requirements and translate operational requirements into technical specifications
*What we look for in you (ie. job requirements):*
* 3+ years of experience developing enrichments, automations, and tagging in threat intelligence platforms, specifically Vertex Synapse
* Technical proficiency in software development, including demonstrable experience in creating and maintaining security tools
* Exceptional analytical skills to dissect complex problems and synthesize actionable insights, supported by an ability to discover opportunities for unique data correlations
* Ability to rapidly prototype and iterate tool development to adapt to evolving threat intelligence needs
* Experience managing security telemetry data
* Excellent communication skills and a collaborative mindset to work efficiently with cross-functional teams
Job #: P70662
*Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, vision and 401(k)).
Pay Range:
$144,500-$170,000 USD
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the in certain locations, as required by law.
Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.
For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.
*The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations(at)coinbase.com

Job Description

The Cybersecurity Operations Associate Analyst is primarily responsible to monitor, analyze, and resolve onprem and cloud network security devices, security tools, and systems issues. This position will manage technical support requests directly from users as well as prioritize escalations from other team members and field engineers. Our engineers are responsible for maintaining application uptime and improving their computing experiences through effective maintenance, problem identification and resolution activities.

The position requires an in-depth understanding of how logical and physical connectivity issues can affect network and systems security posture and transaction quality.

Essential Functions:

· Monitor, analyze, and resolve network/cloud security devices, systems, and tools incidents

· Troubleshoot issues stemming from configurations on platforms such as firewalls including web application firewalls, proxies, distributed denial of service systems, data labeling and loss systems, and host-based security controls

· Follow both work instruction playbooks and runbook automations activities. Provide feedback to modify and suggest changes to work instructions for similar impacting events

· Understand and work within established Service Level Agreements (SLA) to ensure timely response

· Support and promote Visa’s Cybersecurity operation standards and excellence

· Continuous improvement of core functions expected from Cybersecurity Operations Center

· Track, update, and resolve all assigned incidents, changes, and problem reports in the incident management system, ensuring that documentation is thorough, accurate, and meets a standard of high quality

· Follow documented support procedures, managing each issue through resolution or turnover to maintain established service levels

· Solicit feedback of documented procedures to accurately record resolution and ensure client satisfaction

· Measure and review work instructions for accuracy of execution and to drive toward objective response and restoration time frames. Review and solicit improvements through second level support groups and peers

· Maintain and achieve new technical skills through in-house or external trainings by engineering or higher-level support teams

· Modify and create work instructions or Recipes to prepare for similar impacting events and allow for a quicker response. Constantly review work instructions for accuracy and ask for improvements through second level support groups

· Lead, support, or contribute based on various incident bridges stewardship in support of timely resolution of internal issues

· Proactively monitor, recognize, analyze, isolate and/or resolve documented hardware and software problems utilizing a variety of hardware and software testing techniques

· Articulate problem statements with clarity. Consult with L2 support groups or development teams to drive toward long-term restoration and resolution of incidents

· Responsible for the internal and external communication of issues to management, other internal support groups, customer pages, email broadcasts, or verified phone calls

This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.

Qualifications:
Qualifications

• Basic Qualifications :
Bachelor's degree, OR 3+ years of relevant work experience

Preferred Qualifications :
• Bachelor's degree, OR 3+ years of relevant work experience
• Work experience or training as a Network/Security Operations Engineer, network/security support analyst, or experience across multiple technologies such as firewalls including web application firewall, proxies, distributed denial of service systems, data labeling and loss systems
• Understanding of network monitoring concepts and management tools. Knowledge of systems, application, and fault monitoring toolsets namely Indeni, Splunk, QRadar, Solarwinds, or other similar platforms
• Functional understanding of packet and protocol from firewall and other systems through tools such as Wireshark to support troubleshooting activities
• Demonstrate knowledge of native cloud-based security monitoring tools
• General knowledge of networking and routing topology, cybersecurity frameworks, constructs, and auditable standards
• Communicate effectively throughout the incident management process to ensure that all communications are timely and accurate, as per documented process
• Understanding, proficiency, or certification of Information Technology Infrastructure Library (ITIL) concepts, preferably with knowledge of ServiceNow or other incident and change management tools
• Possess the background, experience, or skills to maintain both central and distributed firewall platforms and logging infrastructures
• MS Office suite functional use

Additional Information

** Work Hours: ** Varies upon the needs of the department.

** Travel Requirements: ** This position requires travel 5-10% of the time.

** Mental/Physical Requirements: ** This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 84,600.00 to 119,650.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose - to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Job Description

The Cybersecurity Operations Associate Analyst is primarily responsible to monitor, analyze, and resolve onprem and cloud network security devices, security tools, and systems issues. This position will manage technical support requests directly from users as well as prioritize escalations from other team members and field engineers. Our engineers are responsible for maintaining application uptime and improving their computing experiences through effective maintenance, problem identification and resolution activities.

The position requires an in-depth understanding of how logical and physical connectivity issues can affect network and systems security posture and transaction quality.

Essential Functions:

* Monitor, analyze, and resolve network/cloud security devices, systems, and tools incidents

* Troubleshoot issues stemming from configurations on platforms such as firewalls including web application firewalls, proxies, distributed denial of service systems, data labeling and loss systems, and host-based security controls

* Follow both work instruction playbooks and runbook automations activities. Provide feedback to modify and suggest changes to work instructions for similar impacting events

* Understand and work within established Service Level Agreements (SLA) to ensure timely response

* Support and promote Visa's Cybersecurity operation standards and excellence

* Continuous improvement of core functions expected from Cybersecurity Operations Center

* Track, update, and resolve all assigned incidents, changes, and problem reports in the incident management system, ensuring that documentation is thorough, accurate, and meets a standard of high quality

* Follow documented support procedures, managing each issue through resolution or turnover to maintain established service levels

* Solicit feedback of documented procedures to accurately record resolution and ensure client satisfaction

* Measure and review work instructions for accuracy of execution and to drive toward objective response and restoration time frames. Review and solicit improvements through second level support groups and peers

* Maintain and achieve new technical skills through in-house or external trainings by engineering or higher-level support teams

* Modify and create work instructions or Recipes to prepare for similar impacting events and allow for a quicker response. Constantly review work instructions for accuracy and ask for improvements through second level support groups

* Lead, support, or contribute based on various incident bridges stewardship in support of timely resolution of internal issues

* Proactively monitor, recognize, analyze, isolate and/or resolve documented hardware and software problems utilizing a variety of hardware and software testing techniques

* Articulate problem statements with clarity. Consult with L2 support groups or development teams to drive toward long-term restoration and resolution of incidents

* Responsible for the internal and external communication of issues to management, other internal support groups, customer pages, email broadcasts, or verified phone calls

This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.

Qualifications

* Basic Qualifications :

Bachelor's degree, OR 3+ years of relevant work experience

Preferred Qualifications :

* Bachelor's degree, OR 3+ years of relevant work experience

* Work experience or training as a Network/Security Operations Engineer, network/security support analyst, or experience across multiple technologies such as firewalls including web application firewall, proxies, distributed denial of service systems, data labeling and loss systems

* Understanding of network monitoring concepts and management tools. Knowledge of systems, application, and fault monitoring toolsets namely Indeni, Splunk, QRadar, Solarwinds, or other similar platforms

* Functional understanding of packet and protocol from firewall and other systems through tools such as Wireshark to support troubleshooting activities

* Demonstrate knowledge of native cloud-based security monitoring tools

* General knowledge of networking and routing topology, cybersecurity frameworks, constructs, and auditable standards

* Communicate effectively throughout the incident management process to ensure that all communications are timely and accurate, as per documented process

* Understanding, proficiency, or certification of Information Technology Infrastructure Library (ITIL) concepts, preferably with knowledge of ServiceNow or other incident and change management tools

* Possess the background, experience, or skills to maintain both central and distributed firewall platforms and logging infrastructures

* MS Office suite functional use

Additional Information

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 84,600.00 to 119,650.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.

Cybersecurity and Network Security Engineer

Cybersecurity and Network Security Engineer

Astor & Sanders Corporation (Astor) is a prestigious IT solutions provider headquartered in McLean, VA, currently seeking a talented Cybersecurity and Network Security Engineer . This position is full-time and based in Bethesda, MD.

Key Responsibilities

• Support in assessing, improving, and maintaining the cybersecurity posture of NIH ICS/OT/IoT environments to mitigate cyber security risks (e.g., insider and external threats, intentional and accidental).
• Audit of ICS/OT environments and perform risk/vulnerability assessments.
• Develop NIH-specific cybersecurity roadmaps prioritizing the remediation of cyber threats based on likelihood and impact.
• Create mitigation plans for vulnerabilities and support remediation efforts.
• Assist in reviewing and developing Industrial Cybersecurity programs, security policies, and industry best practices to enhance NIH's OT cybersecurity program.
• Inventory client's hardware & software assets, assess for vulnerabilities, obsolescence, and risks.
• Review network architectures for best practices (e.g., network segmentation, use of Industrial DMZ) and provide compliance recommendations.
• Review security products (firewalls, IDS, IPS) for proper configuration.
• Deploy network infrastructure devices, security appliances, and virtualization solutions.
• Review US government cybersecurity policies, analyze logs and security events, and recommend improvements.
• Review controls and provide recommendations to mitigate cybersecurity risks.
• Perform vulnerability and risk assessments in manufacturing and critical infrastructure environments, providing remediation recommendations.
• Create detailed diagrams, procedures, and plans to support projects.
• Additional duties as assigned.

Requirements

• Certified Information Systems Security Professional (CISSP).
• Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or related field.
• Strong understanding of cybersecurity frameworks for ICS/OT environments (e.g., ISA-99/IEC 62443, NIST SP 800-82, CIS).
• Knowledge of OT network communication protocols (Ethernet/IP, CIP, Modbus, OPC) and industrial networking topologies.
• Minimum of five (5) years of hands-on experience in ICS/OT network architecture assessment, design, and implementation.
• Experience with Cyber-Physical Systems (CPS).

Benefits

Astor & Sanders Corporation offers a stimulating environment that fosters growth and rewards performance. We are an Equal Opportunity Employer.

Our benefits include:

• Generous Paid Time Off (PTO) and all Federal Holidays.
• Comprehensive Health and Dental Insurance Coverage.
• Retirement Savings Plan.
• Pre-Tax Benefit Program.
• Wellness and Work-Life Support.
• Professional Development Opportunities.
• Performance and Referral Bonuses.
• Life and Disability Insurance.

Additional Information

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Technology, Information, and Internet

#J-18808-Ljbffr

Our client, a leader in cybersecurity solutions, is seeking a highly skilled Senior Information Security Analyst specializing in Threat Intelligence to join their elite security operations team in Washington, D.C., US . This role is pivotal in protecting the organization and its clients from evolving cyber threats. The Senior Information Security Analyst will be responsible for the proactive identification, analysis, and reporting of cyber threats, vulnerabilities, and attack vectors. You will play a critical role in developing and implementing threat intelligence strategies, correlating data from various sources, and providing actionable insights to security teams and leadership. Key responsibilities include monitoring global threat landscapes, analyzing threat actor tactics, techniques, and procedures (TTPs), and contributing to incident response efforts. The ideal candidate will possess a deep understanding of cybersecurity frameworks, networking protocols, and malware analysis. Strong analytical, research, and communication skills are essential, as is experience with threat intelligence platforms and SIEM tools. You will be instrumental in enhancing the organization's defensive posture and mitigating security risks. Responsibilities:

• Proactively monitor and analyze global threat intelligence feeds, open-source intelligence (OSINT), and industry reports to identify emerging threats and trends.
• Analyze threat actor TTPs, motivations, and infrastructure to develop actionable intelligence.
• Correlate and enrich security data from various sources, including SIEM, IDS/IPS, endpoint protection, and vulnerability scanners.
• Develop and maintain threat intelligence reports, briefings, and alerts for technical and executive audiences.
• Contribute to the development and refinement of threat hunting methodologies and use cases.
• Support incident response activities by providing timely and accurate threat context and analysis.
• Identify and assess vulnerabilities within the organization's environment and recommend mitigation strategies.
• Collaborate with security operations center (SOC) analysts, incident responders, and other security teams to share intelligence and improve defensive capabilities.
• Evaluate and recommend new threat intelligence tools and technologies.
• Stay abreast of the latest cybersecurity threats, attack methods, and defense techniques.
• Contribute to the development and improvement of security policies and procedures.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree preferred.
• Minimum of 5 years of experience in information security, with a strong focus on threat intelligence, security analysis, or incident response.
• Proven experience in collecting, analyzing, and reporting on cyber threats and vulnerabilities.
• In-depth understanding of cybersecurity principles, frameworks (e.g., MITRE ATT&CK), and common attack vectors.
• Familiarity with threat intelligence platforms, SIEM tools (e.g., Splunk, QRadar), and endpoint detection and response (EDR) solutions.
• Proficiency in analyzing network traffic, logs, and malware.
• Strong research, analytical, and critical thinking skills.
• Excellent written and verbal communication skills, with the ability to present complex information clearly.
• Relevant certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or CISSP are highly desirable.
• Ability to work effectively in a team-oriented environment and manage multiple priorities.

Our client is seeking a highly motivated and experienced Senior Information Security Analyst specializing in Threat Intelligence to join their dynamic team in Washington, D.C., US . This role is critical in safeguarding the organization's digital assets by identifying, analyzing, and mitigating cyber threats. You will be responsible for monitoring the global threat landscape, developing actionable intelligence reports, and advising on defensive strategies. The ideal candidate will possess a deep understanding of cyberattack methodologies, threat actors, malware analysis, and security frameworks. You will collaborate closely with incident response teams, security operations center (SOC) analysts, and other stakeholders to ensure proactive defense mechanisms are in place.

Key Responsibilities:

• Continuously monitor and analyze threat intelligence feeds, dark web forums, and open-source intelligence (OSINT) for emerging threats relevant to the organization.
• Develop and maintain threat models, actor profiles, and attack vectors.
• Produce high-quality, timely threat intelligence reports and briefings for technical and executive audiences.
• Provide expert guidance on security best practices and risk mitigation strategies based on intelligence findings.
• Support the incident response process by providing context and indicators of compromise (IOCs).
• Evaluate and recommend new threat intelligence tools and technologies.
• Participate in security awareness training and evangelize threat intelligence best practices across the organization.
• Collaborate with internal teams and external partners to share information and enhance collective security posture.
• Conduct vulnerability assessments and penetration testing support as needed.
• Stay abreast of the latest cybersecurity trends, technologies, and vulnerabilities.

Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. Master's degree or relevant certifications (e.g., CISSP, GIAC, OSCP) are a plus.
• Minimum of 5 years of experience in information security, with at least 2 years focused on threat intelligence analysis.
• Proven experience with SIEM tools, threat intelligence platforms (TIPs), and security orchestration, automation, and response (SOAR) solutions.
• Strong understanding of networking protocols, operating systems, and common attack vectors.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Exceptional written and verbal communication skills, with the ability to articulate complex technical information to diverse audiences.
• Ability to work independently and as part of a collaborative team in a fast-paced environment.
• Proficiency in scripting languages such as Python is highly desirable.
• Must be eligible to work in the US.

This is an exceptional opportunity to make a significant impact on the security of a leading organization. Join us and be at the forefront of cyber defense in Washington, D.C., US .

Our client, a leading cybersecurity firm operating nationally and headquartered in Washington, D.C., US , is seeking a highly skilled Senior Information Security Analyst with a specialization in Threat Intelligence. This vital role involves the proactive identification, analysis, and dissemination of threat intelligence to protect the organization and its clients from cyber threats. The ideal candidate will possess deep expertise in cyber threat landscapes, advanced persistent threats (APTs), malware analysis, and security incident response. You will be responsible for monitoring global threat activities, correlating intelligence from various sources, and developing actionable insights to enhance our defensive security posture. This is an exciting opportunity to work at the forefront of cybersecurity and contribute to safeguarding critical digital assets.

Key Responsibilities:

• Monitor, collect, and analyze global cybersecurity threat intelligence from various sources, including open-source intelligence (OSINT), dark web, threat feeds, and proprietary tools.
• Identify and track threat actors, their tactics, techniques, and procedures (TTPs).
• Conduct in-depth analysis of malware, phishing campaigns, and other cyberattack vectors.
• Develop and disseminate actionable threat intelligence reports, alerts, and briefings to relevant stakeholders, including security operations centers (SOC) and incident response teams.
• Collaborate with incident response teams to provide timely intelligence during active security incidents.
• Develop and refine threat hunting methodologies based on intelligence gathered.
• Contribute to the development and improvement of security tools and technologies used for threat intelligence collection and analysis.
• Participate in security awareness training and provide subject matter expertise on current cyber threats.
• Maintain and manage threat intelligence platforms and databases.
• Build relationships with external threat intelligence communities and information sharing groups.
• Stay current with emerging cybersecurity threats, vulnerabilities, and industry best practices.
• Develop and maintain documentation for threat intelligence processes and procedures.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree is a plus.
• Minimum of 5 years of experience in information security, with at least 3 years focused on threat intelligence, security operations, or incident response.
• Proven experience in collecting, analyzing, and reporting on cyber threat intelligence.
• In-depth knowledge of threat actor methodologies, APTs, malware analysis, and network forensics.
• Proficiency with threat intelligence platforms, SIEM tools, and security analytics tools.
• Familiarity with scripting languages (e.g., Python) for data analysis and automation is highly desirable.
• Excellent analytical, critical thinking, and problem-solving skills.
• Strong written and verbal communication skills, with the ability to clearly articulate complex technical information.
• Relevant certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or Certified Threat Intelligence Analyst (CTIA) are highly valued.
• Ability to work independently and collaboratively in a team environment.

Join a world-class team dedicated to staying ahead of evolving cyber threats.

Our client is seeking a highly skilled and motivated Senior Information Security Analyst to join their growing team in Washington, D.C., US . This critical role focuses on threat intelligence and the proactive defense against evolving cyber threats. The ideal candidate will have extensive experience in analyzing security threats, identifying vulnerabilities, and developing robust mitigation strategies. You will be responsible for monitoring security alerts, investigating security incidents, and conducting forensic analysis to understand the root cause of breaches. Key responsibilities include developing and implementing security policies and procedures, conducting security awareness training, and evaluating and recommending new security technologies. The Senior Information Security Analyst will also play a key role in incident response planning and execution, ensuring the organization's assets are protected against sophisticated attacks. This position requires a deep understanding of network security, endpoint security, cloud security, and various security frameworks such as NIST and ISO 27001. We are looking for an individual with a keen eye for detail, strong analytical skills, and the ability to communicate complex technical information clearly and concisely to both technical and non-technical audiences. You will be at the forefront of defending the organization against cyber adversaries, requiring a proactive and innovative approach to security. This role offers the opportunity to work with cutting-edge security tools and technologies in a challenging and rewarding environment. Collaboration with internal teams, including IT, legal, and compliance, will be essential to maintain a comprehensive security posture. The successful candidate will contribute significantly to the overall security strategy and risk management efforts.

Key Responsibilities:

• Monitor, detect, and respond to security threats and incidents.
• Conduct in-depth analysis of security logs, network traffic, and system events.
• Perform vulnerability assessments and penetration testing.
• Develop and implement security controls and countermeasures.
• Create and maintain security documentation, policies, and procedures.
• Lead incident response efforts and conduct post-incident analysis.
• Stay abreast of the latest cybersecurity trends, threats, and technologies.
• Provide security expertise and guidance to other departments.
• Contribute to the development of security awareness training programs.
• Evaluate and recommend security solutions and technologies.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, or a related field.
• CISSP, CISM, CEH, or similar security certifications are highly desirable.
• Minimum of 7 years of experience in information security, with a focus on threat intelligence and incident response.
• Strong understanding of cybersecurity principles, frameworks (NIST, ISO 27001), and best practices.
• Proficiency in security information and event management (SIEM) tools, IDS/IPS, and endpoint detection and response (EDR) solutions.
• Excellent analytical, problem-solving, and communication skills.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.