Senior Cyber Threat Intelligence Analyst

Location: VA Vienna - Headquarters
Full/Part Time: Full-Time
Regular/Temporary: Regular

Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

* Competitive compensation with opportunities for annual raises, promotions, and bonus potential
* Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)
* On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VA campuses
* Consistently Awarded Top Workplace
* Nationally recognized training department by TRAINING Magazine
* An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

The Sr. Cyber Threat Intelligence Analyst has a broad range of responsibilities, with a primary emphasis on conducting research and analysis on current threat activities as well as identifying and summarizing top industry cyber security trends as they apply to Navy Federal Credit Union (NFCU). The analyst will identify, analyze, and report on employed threat Tactics, Techniques, and Procedures (TTPs) in order to provide security members with awareness and/or actionable information that allows for the development or implementation of proactive defensive measures and improved response actions. The analyst will assist with complex, sensitive incident response activities and apply knowledge of computer and network architecture to provide analysis during investigations, identifying adversarial activity and methods for future detection and prevention.


Primary responsibilities include:

•    Perform advanced security event detection and threat analysis for complex and/or escalated security events
•    Perform advanced intelligence analysis using analytical tradecraft methods and forensic tools
•    Provide log/network/malware/device analysis and make recommendations for remediation of security vulnerability conditions
•    Provide independent critical thinking to diagnose and analyze threat intelligence data and make decisions on response and remediation
•    Use commercial and open source tools to quickly analyze, detect, and respond to cyber security incidents
•    Use IDS/IPS and other point of presence security tools to support investigations and incident response activities
•    Use a combination of open source research, network and host forensic analysis, log review, and correlation to support investigations
•    Develop comprehensive security write-ups which describe security issues, analysis, and remediation techniques to management
•    Develop internal documentation, such as detailed procedures, playbooks, and operational metrics reports as required
•    Execute daily ad hoc tasks or lead small projects as needed


•    Previous experience in cyber threat intelligence and Information Security in a senior role 
•    Ability to monitor and analyze logs and alerts from a variety of different technologies, including IDS/IPS, firewall, proxies, and anti-virus across multiple platforms
•    Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats
•    Ability to leverage online research tools to identify and navigate online forums, specialized Web sites, social media, and traditional sources
•    Ability to coordinate and respond to events on all of the monitored networks and the systems on those networks
•    Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide advanced threat intelligence
•    Knowledge of security architectures, devices, proxies, and firewalls is required
•    Strong research, analytical, and problem-solving skills
•    Excellent verbal, written and interpersonal communication skills 
•    Proven ability to present findings and conclusions clearly and concisely to all levels of staff, management and/or vendors

•    Graduation from an accredited four-year college or university in a technical / engineering discipline or equivalent work experience
•    Experience with Security Tools related to Enterprise Log Management, IPS/IDS, Antivirus, Firewalls, Proxies, DLP, Forensic Analysis and SIEM
•    Experience in Cybersecurity analysis, incident response, or a related field with increasing responsibility
•    CISSP, GIAC, or other related Information Security certifications 
•    Previous experience creating correlation content in a SIEM tool is a plus

Monday-Friday, 8:00AM-4:00PM

Equal Employment Opportunity


Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability