Seeking an experienced Senior Threat Analyst to provide Computer Network Defense (CND) and Response support through Email Phishing Threat Analysis. Will be responsible for Developing and maturing an Anti-Phishing Threat Reduction Program which will include gap analysis, technology recommendation, and analysis with the goal of deploying and managing a service capability that will collaborate with a 24x7x365 CSIRT to monitor and analyze potential threat activity targeting the enterprise.

Responsibilities

• Design, configure, deploy, and maintain an Anti-Phishing Threat Defense and Training Program Ensure infrastructure and security practices consistently adhere to stringent compliance requirements and governance processes
• Develop and run security reports and logs, and analyze the findings to determine strategies that will strengthen the Anti-Phishing security efforts.
• Improve existing procedures for monitoring and reporting with CSIRT/SOC
• Monitor and resolve malware, phishing, and spam incidents
• Implement security improvements based on testing and current trends
• Detect and analyze incidents, coordinate activities with other stakeholders for containing, eradicating, and recovering from phishing incidents
• Develop advanced analytics and countermeasures to protect critical assets from Phishing attempts
• Monitor message campaigns to identify high-risk customer experiences (i.e., phishing, malware, counterfeit offers, scams, and predatory or deceptive offers)
• Work with industry technology and content providers to help educate users on how to better secure themselves against threats
• Gather and record key indicators and information about the threat infrastructure of live campaigns
• Establish and apply internal standards consistently to accommodate new information
• Serve as liaison and coordinate operations between the federal lead and other contract support staff
• Serve as Subject Matter Expert and guide operational tempo at the discretion of the Federal Lead
• Attends and participates in Briefings and Conference Calls with Federal lead before and after assessment, providing technical expertise when required

Qualifications

• Education:
• Bachelor’s degree preferred

• Required Knowledge/Experience:
• Hands on experience and expertise from previous engagements in designing and deploying anti-phishing programs for large scale enterprise customers
• A minimum of one of the following certifications

• CERT Certified Computer Security Incident Handler
• ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
• GCIH (GIAC Certified Incident Handler)
• GISF (GIAC Information Security Fundamentals)
• CISSP (ISC2 Certified Information System Security Professional)
• SCNP (Security Certified Network Professional)
• SCNA (Security Certified Network Architect)

• Combination of 10+ years’ in information security and education experience
• Writing threat reports and other management level communications
• Specific attention and experience viewing and analyzing emails as reported
• Working with IT Security and Employees to perform triage and resolutions on possible malicious emails
• Solid understanding of cyber landscape + typical threat vectors