GD Information Technology, Inc. - Springfield, VA
posted 3 months ago
In this role, you will report to the Lead of Focused Operations under the Branch Chief of Defensive Cyber Operations. Your primary responsibility will be to develop and maintain defensive countermeasures for the enterprise. You will work within a Fusion model, collaborating with various teams in Focused Operations to proactively prevent successful compromises and eradicate persistent adversaries already present in the enterprise. This will involve reviewing both future and past intelligence reports, analyzing incident reports, conducting regular Purple Teaming exercises, and continuously validating the effectiveness of deployed Defensive Countermeasures.

Your work will include analyzing trends and patterns of data on confidential networks to identify and predict previously undiscovered events and incidents. You will be responsible for developing or tuning rules, signatures, and scripts as necessary. Coordination with Defensive Cyber Operations and other Cybersecurity Operations Services will be essential to investigate potential sources of compromise on enterprise systems. You will also correlate and analyze precursors to incidents, collaborating with the Cyber Data Analytics team to enhance SIEM alert efficiency by evaluating valid alerts and false positives. Additionally, you will work closely with the Cyber Incident Response Team to assess ongoing incident activity, predict adversary responses, and identify locations of compromise to assist with triage.

All your work will be documented in the authorized ticketing system with sufficient detail to allow stakeholders to systematically reconstruct your analysis. You will also provide input during recurring meetings and briefings as required.