Cyber Risk Defense Analyst
Ref No.: 18-05852
Location: Reston, Virginia
Position Type: Right to Hire
Start Date: 07/31/2018
Genesis10 is building a Cyber Security team in Reston, VA.  We have multiple roles to fill on this project and one particular role is a Cyber Risk Defense Analyst.  This is a contract to hire position located in Reston, VA.

Analysts will work in a 24x7 environment on four ten-hour shifts (40-hour weeks). These shifts are fixed, not rotating, for now.
  • Monday – Wednesday = first half
  • Wednesday – Sunday = second half
  • Wednesday is double staffed so that meetings etc. can be held
  • 1st shift is 6 or 7 am to 3 or 4 pm
  • 2nd shift is 1 pm to 11 pm
  • 3rd shift is 10 pm to 7 am

All candidates need to be willing to work varying shifts. 

Job Description
The Cyber Risk Defense Analyst will execute a range of threat discovery and incident response duties within the Global Cyber-risk Defense Center (gCDC). The successful candidate will work as part of a team that conducts investigations into potential and actual cyber-attacks affecting Client's global business units, lines of business, or information technology infrastructure. The gCDC encompasses a number of teams across disciplines including alert validation and tuning, incident response, and cyber threat intelligence. The teams follow a kill chain-aligned operational model, giving the candidate exposure to all elements of an attack lifecycle. This position will report to a gCDC Cyber Risk Defense Team Lead and will provide guidance/direction to Junior Cyber Analysts.
  • Investigate potential cyber-attacks and intrusion attempts, and lead containment, eradication, recovery, and lessons learned analysis of actual incidents.
  • Gather forensic evidence for analysis, investigation, disciplinary action, or criminal investigation.
  • Leverage aggregated cyber threat intelligence, log, network flow, and anomaly data for analysis, research, and the identification of potential compromise within Client's infrastructure or applications.
  • Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce Client's exposure to cyber-risks.
  • Prioritize incoming requests to minimize risk exposure and ensure the timely completion of critical tasks and the escalation of time-sensitive issues.
  • Investigate escalations from the Alert Validation team. Accept or refute escalations, performing incident response for accepted events, or providing constructive feedback for refuted events.
  • Provide ongoing mentorship to junior Cyber Analysts and liaise with members of other gCDC functions to assess and mitigate the risks posed to Client by identified threats.
  • Provide expert input on Incident Response process definition and support the development and maintenance of documented play-book procedures, knowledge articles, and training material.
  • Create detailed incident and analysis reports and provide concise summaries for management.
  • Communicate effectively with other stakeholders of our incident response efforts, including representatives of the business units, technology specialists, vendors, and others.
  • Contribute to our efforts to drive continuous improvement by recommending and collecting various key metrics for reporting to senior management on Incident Response.
  • Participate with other experts throughout the company to plan, test, and improve incident response capabilities.
  • Minimum of 7 years of experience in Information Security, and at least three (3) years of practical experience in a Security Operations Center (SOC) environment and/or experience with security monitoring, event and anomaly analysis, intrusion detection/prevention, incident response, or SIEM use case development.
  • A deep understanding of cyber security operations processes, procedures, guidelines, and solutions, including practical experience with cyber kill chain principles.
  • Deep understanding of Reverse Engineering Forensics
  • In-depth understanding of Windows, UNIX, and Linux operating systems, networking, malware defenses, and perimeter controls.
  • Knowledge of TCP/IP networking and core Internet protocols such as UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.
  • Proven ability to innovate, develop, implement, and effectively document complex technical systems and approaches.
  • Ability to contribute to the development of custom IDS signatures or SIEM use cases.
  • Knowledge of adversary tactics, techniques, and procedures, along with analysis of advanced intrusions across a complex global network; and basic cyber-security forensics procedures.
  • Strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups.
  • Understanding of how to read and interpret malware analysis reports.
Soft Skills to Include:
  • Self-starter with a sense of urgency who takes ownership and responsibility for service delivery
  • Work independently with minimal guidance to drive projects to completion, while also working collaboratively with the team to achieve strategic goals
  • Professional, clear, and concise communication to both technical and non-technical audiences
  • Strong deductive reasoning, critical thinking, problem solving, prioritization, and consultative skills
  • Proven organizational skills (time management and prioritization), and employ a rigorous process for all follow-up / coordination activities
  • Integrity and discretion are mandatory as this role requires access to highly sensitive confidential material.
  • Comfortable working in a dynamic environment, balancing multiple incidents, special projects, and other activities.
  • Ability to deal diplomatically and effectively at all levels of the business including both technical and non-technical staff, management, and senior leadership.
  • Willingness to support and develop junior team members while also delivering on candidate's own responsibilities.
Formal Education & Certifications
  • Bachelor of Science in Computer Science, Information Systems, Software Engineering, or relevant military or law enforcement experience
Desired Skills

One of any of the following certifications:
  • ISC2 SSCP (Systems Security Certified Practitioner)
  • ISC2 CCFP (Certified Cyber Forensics Professional)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)
  • EC-Council Computer Hacking Forensic Investigator (CHFI)
  • EC-Council Certified Incident Handler (CIH)
Active or previously held Security Clearance preferred.
W2 Status:
Only W2 candidates will be considered for this position.
Benefits of Working with Genesis10:
As a Genesis10 consultant, you will have access to the following benefits:
  • Medical and dental insurance
  • Bi-weekly payroll
  • 401k plan
  • Successful re-marketing program
  • Referral program with the opportunity to earn additional income
If you have the described qualifications and are interested in this exciting opportunity, please apply!
About Genesis10:
Genesis10 is a leading U.S. business and technology consulting firm with hundreds of clients needing proven talent and solutions to power their strategic initiatives. If you are a high-performing business or IT professional with solid, referenced experience, we want to meet you. Genesis10 recruiters and delivery professionals are highly accomplished career advocates who get to know you beyond your resume to position you with the opportunities that fit your skills, experience and aspirations. We have benefit options to fit your needs and a support staff that works with you from placement throughout your engagement – project after project. To learn more about Genesis10 and to view all our available career opportunities, please visit us at 
“Genesis10 is an Equal Opportunity Employer, M/F/D/V”