Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges, and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day, working for a safer, healthier, and more secure nation and world.

Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE, and make a difference with us.

MITRE's Information Security department seeks an Operations Analyst to respond to and investigate cyber security incidents within the organization. This position offers a challenging opportunity to be exposed to a diverse set of security disciplines, including incident response, forensics, reverse engineering, malware analysis, intrusion detection, network security, and system security. MITRE has long been a source of cyber security innovation and continues to seek dedicated and talented individuals.

Roles & Responsibilities:

* Respond to security alerts, investigate for signs of compromise, and react accordingly.
* Track and document security events and incidents in a ticketing system.
* Analyze log data for signs of malicious activity in a SIEM.
* Develop new analytics and apply mitigations for adversary Tactics, Techniques, and Procedures (TTPs).
* Automate workflows in a SOAR tool.
* Hunt for undetected indicators of compromise.
* Develop new ways to use existing data to identify malicious activity.
* Perform Incident Response actions such as forensics, memory analysis, etc.

Basic Qualifications:

* Typically requires a minimum of 5 years of related experience with a Bachelor's degree; or 3 years and a Master's degree; or a PhD with relevant experience who can immediately contribute at this job step; or an equivalent combination of related education and work experience.
* Must be detail oriented and able to consistently follow the incident investigation process.
* Must have good analytical, written, verbal, and interpersonal communication skills.
* Must be able to work well as part of a team and be self-motivated to work on individual projects.
* Must have prior experience with cloud monitoring and response or analytic development in at least one major cloud provider's environment (AWS, Azure, or GCP).
* Must have prior hands-on experience analyzing and responding to cyber events, including network, endpoint, server and cloud.
* Must have prior hands-on experience with threat hunting.
* This position requires a minimum of 50% hybrid on-site.

Preferred Qualifications:

* Applied knowledge of Cyber Security concepts.
* Familiarity with Linux, Mac, and Windows Operating Systems.
* An in-depth understanding of TCP/IP network protocols and application layer protocols (e.g., HTTP, SMTP, DNS, etc.).
* Experience analyzing adversary tactics, techniques, and procedures (TTPs) and developing defenses and/or detections for them.
* Scripting experience, preferably with Python.
* Experience with Splunk or Elastic Search.
* Hands-on cloud incident response experience.
* Works well independently and with the team.
* Technical leadership skills.
* Solves complex problems.
* Adaptability to new tools, architectures, and policies.
* Prior experience with network, host, and memory forensics.

This requisition requires the candidate to have a minimum of the following clearance(s): None

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s): Secret

Work Location Type: Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster and Pay Transparency .

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please email .

Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only. Benefits information may be found here