Sr. Cyber Threat Analyst in Hartford, CT at Vaco

Date Posted: 2/27/2019

Job Description

Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and have been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenge organizations encounter in improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match business and security objectives. As a member of the team, you will have the opportunity to utilize and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients, including Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, and Governance, Risk, and Compliance.

In this highly visible role, you will perform research and analysis, searching for indications of advanced threat actors existing on the network. You will analyze available data sources, security tools, and threat trends, and lead security monitoring and analysis techniques to identify attacks against the enterprise. You will then work to operationalize new and innovative techniques for discovering advanced threat actors, and work with our partners inside and outside the organization to ensure there are good data sources to enrich hunting capabilities.

The focus of this role is working within the Cybersecurity department reporting to the Associate Director Cyber Security and Risk Management and Lead.
Job responsibilities are:

Work as part of the larger Cyber Fusion group to hunt advanced actors and develop techniques to detect them. The person in this role will constantly be learning and applying the "hacker mindset" to situations to push our capabilities past where they are now. This individual will help mentor other teams within the Cyber Fusion Center to upskill their capabilities.

Minimum Qualifications

  • 4-7 years of background in information security, cyber security or network engineering.
  • Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Ability to analyze available data sources, security tools, and threat trends, and to lead security monitoring and analysis techniques to identify attacks against the enterprise.
  • Ability to analyze and normalize logs and perform automated log correlations utilizing big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
  • Strong experience with digital forensics on host or network from a malware perspective, and ability to identify anomalous behavior on network or endpoint devices.
  • Experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM, DLP, Insider, etc.).
  • Self-starting, organized, proactive, and requiring minimal management oversight.
  • Ability to quickly learn new and complex concepts.
  • Strong analytical skills/problem solving/conceptual thinking/attention to detail.
  • Ability to work effectively with peers and multiple levels of management.
  • Well organized, thorough, with the ability to balance and prioritize competing priorities.
  • Excellent verbal and written communication skills across multiple levels of the organization.

Desired Qualifications

  • A passion for Cyber Threat Hunting, research, and uncovering the unknown about threats and threat actors.
  • Bachelor's degree in Computer Science.
  • Ability to effectively code in a scripting language (Python, Perl, etc.).
  • Ability to understand big data and query languages (Splunk, SQL, etc.).
  • Experience with either Red team or Blue team operations and ability to think both like an attacker and defender.
  • Experience setting up infrastructure to support Hunt Team operations.