Multiple locations
Fairfax, Virginia, United States of America
Atlanta, Georgia, United States of America
JOB #R2202260

Elastic Cybersecurity Analyst

Bring your Cyber Threat Hunting experience and take advantage of this opportunity to discover how you can start to push past possible and achieve your goals today. 

As a Cybersecurity Analyst you will be responsible for coordinating and contributing to the Elastic training program that informs, educates, and executes on the implementation of Elastic with our clients. This position will partner with the other training professionals, stakeholders and other teams to provide instruction on the Elastic platform. This assignment also includes curriculum and program development and delivery, participation in department meetings, collaboration across disciplines, providing student support resources, and participation in ongoing professional development.

Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate. This role is full-time remote with an option of 25-50% travel (when travel resumes). As an experienced SME, you will work closely with leaders and stakeholders to expertly translate training concepts in Elasticsearch, Logstash, and Kibana.

You will be asked to participate in a series of interviews demonstrating your knowledge, skills, and abilities with the Elastic platform. You will be asked to participate in a panel interview and provide a small instructional overview as part of the hiring process. Your candidacy will be contingent upon successfully completing the panel interview.

Candidates will benefit from our partner training incentive to pursue Elastic certifications as a part of their candidacy and can be reimbursed for certification costs upon successfully onboarding onto the program.

This is an opportunity to contribute to an important effort from its beginning, work with the latest and emerging technologies all while building a great career at ICF! 

RESPONSIBILITIES

You’ll be a great fit if you:

  • Familiarity supporting federal Information Assurance Programs setting policy, governance, security operations programs, and NIST requirements.

  • Experience teaching in-person or remote advanced cybersecurity curriculum to federal and commercial clients.

  • Contributing to instructional delivery, time management skills and attention to detail

  • Strong presentation skills and ability to facilitate and gain consensus among stakeholders and clients with disparate views.

  • Technical hands-on experience in threat hunting and security operations center support.

  • Experience developing cybersecurity reports, dashboards, and scripts.

  • Experience using automation and scripting to deploy and monitor systems.

  • Research new and novel tactics, techniques, and procedures (TTP) to protect data and privacy.

  • Perform in-depth analysis and/or security testing of information systems, using a wide variety of tools and techniques.

  • Review operational results for accuracy, probability, and impact.

  • Ability to comprehend and explain complex concepts and initiatives to audiences that have various levels of understanding.

  • Training consists primarily of a 5-day security course:

    • Each module is a single day and delivered with the goal of teaching methodology and how to use Elastic/Kibana to threat hunt.

      • Module 1 Zeek

      • Module 2 Suricata

      • Module 3 Pcap/Stenographer

      • Module 4 Kibana

      • Module 5 Capstone/Threat hunting

BASIC QUALIFICATIONS

The following skills/experience/knowledge are required to be considered for this role:

  • Position is full-time remote with an option of 25-50% travel (if/when travel resumes)

  • 5-10 years cyber threat hunting experience

  • Delivering complex cybersecurity instruction and network security concepts

  • Minimum of 5 years of advanced experience in network security or a network security certification.

  • In-depth experience with Elastic products and/or providing instruction

  • Advanced knowledge of cyber threats and tactics, techniques, and procedures (TTPs).

  • Experience in managing identity access management processes.

  • Experience configuring and supporting system scanning applications (DB Protect, Guardium, Tenable, etc.) to support a range of target systems (Linux, Unix, Windows, Mainframes, Oracle, SQL Server, etc.)

  • Experience using data analysis to drive system and configuration enhancement for scanning and security applications

  • Experience in day-to-day operation of an IT Security Group including incident forensics, risk analysis, threat assessment and mitigation activities.

  • May lead training teams and/or projects coordinating work activities, reporting on work status and providing input on team performance.

  • Manages host-based security software across multiple systems to protect data and system resources.

  • Experience in reviewing threats and counter-measures, monitors incidents and maintains general awareness of threats to IT resources.

  • Applies extensive technical expertise in principal discipline and broad knowledge in related security disciplines in revising or developing new methods and procedures.

  • Has demonstrated superior leadership ability to lead, inspire, and direct a team of engineers.

  • Experience in managing access management processes to grant and remove user access to IT systems.

  • Collect and analyze data, make recommendations to improve our approach and the results of future communications, events, and activities.

PREFERRED QUALIFICATIONS

  • Active High Level DOD clearance preferred but not required

  • Deep understanding of Elasticsearch and/or Lucene

  • Elastic Certified Analyst certification

  • Certified at IAT – Level 1 or above

  • Certification as a CCNP or CCIE in Security (bonus)

  • MS in Computer Science, Information Technology, Engineering, or Business discipline

  • Experience contributing to an open-source project or documentation

  • Experience in delivering instruction for enterprise search or databases

  • Experience in managing identity access management processes.

  • Experience configuring and supporting system scanning applications (DB Protect, Guardium, Tenable, etc.) to support a range of target systems (Linux, Unix, Windows, Mainframes, Oracle, SQL Server, etc.)

  • Experience using data analysis to drive system and configuration enhancement for scanning and security applications

  • Experience in day-to-day operation of an IT Security Group including incident forensics, risk analysis, threat assessment and mitigation activities.

  • May lead training teams and/or projects coordinating work activities, reporting on work status and providing input on team performance.

  • Manages host-based security software across multiple systems to protect data and system resources.

  • Experience in reviewing threats and counter-measures, monitors incidents and maintains general awareness of threats to IT resources.

  • Applies extensive technical expertise in principal discipline and broad knowledge in related security disciplines in revising or developing new methods and procedures.

  • Has demonstrated superior leadership ability to lead, inspire, and direct a team of engineers.

  • Experience in managing access management processes to grant and remove user access to IT systems.

  • Collect and analyze data, make recommendations to improve our approach and the results of future communications, events, and activities.

PROFESSIONAL SKILLS/EXPERIENCE

  • Provide leadership, management and coaching to a team of driven communicators.

  • The candidate must have client service experience and strong communication skills (both oral and written) and presentation skills

  • Has demonstrated superior leadership ability to lead, inspire, and direct a team of instructors and/or engineers.

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.

We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.

COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.

Virginia Remote Office (VA99)

Who is ICF?

A global consulting services company with approximately 8,000 people across 75+ countries, but we are not your typical consultants.

Join our talent network

ICF is growing, and we add new open roles to our site regularly. If you're waiting for that perfect opportunity at ICF or want an inside look at what it's like to do world-changing work, join our talent network to stay updated.