Senior Cyber Incident & Threat Intelligence Lead

Job Description Everforth ECS is seeking a Senior Cyber Incident Analyst to work in our Arlington, VA office. ECS is seeking talented professionals to join our successful and growing team supporting the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC). The JCDC is CISA’s flagship initiative for uniting government, industry, and international partners to proactively defend against cyber threats. Our ECS team is at the center of providing support to JCDC as they continue to plan, share, and respond to cyber threats in real time to support the greater cyber community, and we are looking to grow our team supporting this critical mission. The successful candidate will foster collaboration and communication within a team of incident coordinators/analysts, develop and implement playbooks/mitigation strategies supporting cyber threats and incident management, have expert-level communications skills that enable stakeholder and customer actions and decision enablement. This role requires a strong understanding of cybersecurity principles, threat intelligence, and risk management. The ideal candidate will provide incident management support for coordination with stakeholders and executives/government leaders, provide technical guidance for root cause analysis, risk and mitigation strategies and documentation of post-incident analysis/reporting. Familiarity with knowledge management tools such as Confluence or SharePoint to document workflows and communication methods. Including alignment with industry frameworks such as MITRE ATT&CK for incident management and cyber threat intelligence mapping, CVE and DHS/CISA KEV tracking. They will also collaborate with other teams to satisfy customer requirements and develop and implement technical solutions to advance Threat Hunting, Incident Management, and Risk Mitigation capabilities within FCEB, SLTT and Partner communities. Responsibilities Create written guidance and recommendations to assist JCDC partners with solutions for active and ongoing cyber threats. Maintain and develop SOPs for current processes to streamline workflows. Analyze, develop and provide recommendations for process improvements to the customer. Perform analysis on active cyber incidents, events and vulnerabilities to provide guidance and targeted recommendations for mitigation efforts. Conduct threat intelligence research and analysis to stay up-to-date on emerging technologies, threats and trends. Then apply this knowledge to develop efficient cyber risk mitigation strategies. Oversee the translation of strategic products into clear, practical formats that are tailored to the specific needs and operational constraints of different stakeholder groups, including large and small jurisdictions and critical infrastructure (CI) partners. Provide tailored vulnerability mitigation recommendations and contextualized examples to stakeholders to address implementation challenges and encourage rapid adoption. Required Skills US Citizenship with the ability to obtain and maintain DHS (Suitability) EOD/ Public Trust On-site 3-5 days per week in Arlington, VA Active Top Secret Clearance and SCI eligible. 10+ Years of previous experience in a threat intelligence, cyber security, incident response, or similar role Ability to expertly analyze and produce reports on active cyber threats, including but not limited to, phishing, malware, and ransomware attacks. Proven understanding of cybersecurity frameworks such as MITRE ATT&CK Proven understanding of computer and network fundamentals Strong understanding of computer architecture, operating systems, vulnerabilities, encryption, or other areas of expertise Ability to perform in-depth research tasks and produce written technical summaries to include insights and predictions based on an analytical process Expert level experience with developing, documenting, and maintaining Standard Operating Procedures. Excellent written and oral communication skills Ability to develop cyber threat reporting products that address risks and mitigation strategies using both OSINT and COTS solutions. Familiarity with AI/ML concepts and applications that support Workflow and Incident Management process improvements. Proficiency with Confluence for creating, organizing, maintaining, and collaborating on technical and operational documentation. Desired Skills Ability to mentor and foster Junior-Mid level Cyber Analysts Familiarity with the .gov Cyber Mission space and legal constraints applicable to civilian Government Agencies (e.g., FISMA) Familiarity with federal reporting mandates and secure-by-design principles Ability to interpret complex cybersecurity topics and effectively communicate or present information to various groups of stakeholders (Executives, SOC, etc.) Field-related certifications such as (CTIA, CEH, GREM, GCIH, GCFA) Experience with tools in both Linux and Windows environments ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr