Cyber Analysis Lead

Peraton is seeking a Cyber Analysis Lead. Peraton's Defense Mission and Global Health Solutions Sector is seeking a for the Department of Defense (DoD). The successful candidate will be responsible for leading and directing a team of cyber analysts in the identification, analysis, and mitigation of cyber threats and vulnerabilities and the preparation of tailored mitigation recommendations focused on risk reduction. Develop and implement security monitoring strategies and procedures to improve the organization's overall security posture. Lead and mentor a team of cyber analysts, providing guidance on threat intelligence analysis and vulnerability assessments. Provide actionable risk-reduction recommendations to stakeholders based on threat intelligence and analysis findings, contributing to proactive security improvements.

What You'll Do:

Lead a Team of Cyber Analysts: Oversee and direct the work of a team of cyber analysts in identifying, analyzing, and responding to cyber threats, vulnerabilities, and risks. Provide mentorship and guidance to team members, ensuring skill development and high-quality deliverables.
• Threat Intelligence Analysis: Conduct threat analysis using data from various intelligence sources to identify potential cyber risks and ongoing attacks. Guide the team in collecting, correlating, and analyzing threat intelligence data to detect malicious activity.
• Vulnerability Analysis and Mitigation: Perform detailed assessments of vulnerabilities in the organization's networks, systems, and applications. Develop tailored mitigation strategies and recommendations to address vulnerabilities and reduce overall cyber risk.
• Develop Security Monitoring Strategies: Design and implement robust security monitoring procedures and strategies to proactively identify and mitigate emerging cyber threats. Optimize existing security monitoring tools and processes to enhance the organization's detection and response capabilities.
• Provide Risk-Reduction Recommendations: Translate threat intelligence and analysis findings into actionable risk-reduction recommendations for stakeholders. Collaborate with stakeholders to implement long-term strategies for improved security posture and risk mitigation.
• Incident Response Support: Lead or support the team in analyzing and responding to security incidents, leveraging threat data to investigate and contain breaches.
• Develop and Maintain Documentation: Author and review team deliverables, such as reports, briefings, and dashboards, to communicate findings and recommendations effectively. Create and maintain detailed incident, threat intelligence, and vulnerability assessment documentation.
• Collaboration with Stakeholders: Work closely with IT and security teams to coordinate threat intelligence sharing, enhance risk awareness, and implement security measures. Act as a key liaison between cyber analysts and organizational leadership to align security efforts with strategic priorities.
• Continuous Analysis and Process Improvement: Assess and refine cybersecurity processes, tools, and methodologies to ensure efficiency and effectiveness. Stay updated on emerging cyber threats, attack techniques, and countermeasure technologies to inform strategic decisions.
• Manage Tools and Resources: Oversee the configuration and optimization of network security tools (Assured Continuous Assessment Solution (ACAS), Trellix e-Policy orchestrator (ePO), Microsoft Defender for Endpoint/Server (MDE/S), Splunk's SOAR, Splunk's Enterprise User Behavioral Analytics (EUBA), Palo Alto Networks (PAN) IPS modules on Firewall (FW) hardware, Tanium, Privilege Access Management (PAM), Fortify Software Security Center (SSC), Fortify Static Code Analyze, Portswigger Burp, Fortify Web Inspect, Red Hat Advanced Cluster Security for Kubernetes, Sonatype Repository Firewall and SBOM Manager), including intrusion detection/prevention systems (IDS/IPS), SIEM platforms, and vulnerability scanners. Evaluate and recommend new tools and technologies to strengthen the organization's cyber defense capabilities.

Knowledge, Skills, and Abilities

• Advanced Knowledge of Network Infrastructure: Deep understanding of network architectures, protocols (e.g., TCP/IP, DNS, HTTP/S), and technologies (e.g., routers, switches, firewalls) to analyze and secure complex environments.
• Threat Intelligence and Analytics Expertise: Ability to collect, analyze, and contextualize threat intelligence from multiple sources to identify cyber risks and detect malicious activity.
• Vulnerability Assessment and Mitigation Skills: Proficiency in identifying and assessing vulnerabilities in networks, systems, and applications and generating tailored remediation plans to reduce risk.
• Incident Detection and Response Knowledge: Expertise in security incident detection, analysis, and containment, including root cause analysis, attack vector identification, and mitigation strategies.
• Security Monitoring and Tool Proficiency: Advanced skills in configuring and leveraging security monitoring tools such as Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) platforms, and endpoint detection tools.
• Leadership and Team Mentorship: Strong ability to lead and mentor a team of cyber analysts, providing guidance, fostering skill development, and ensuring high-quality work deliverables.
• Risk Reduction Strategy Development: Proven capability to translate threat and vulnerability analysis into actionable recommendations to enhance organizational security posture and mitigate risks.
• Effective Communication Skills: Ability to convey technical findings, risks, and mitigation strategies to non-technical stakeholders, leadership, and teams in both written and verbal formats.
• Familiarity with Cybersecurity Frameworks and Standards: Knowledge of frameworks like NIST Cybersecurity Framework, MITRE ATT&CK, and other relevant standards to guide security practices and assessments.
• Analytical Thinking and Problem-Solving: Strong analytical and critical thinking abilities to identify security gaps, uncover patterns in threat data, and propose innovative solutions to secure the network against evolving threats.

Required Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Must be a US Citizen
• Hands-on experience in cybersecurity, with a focus on network security, threat analysis, and incident response.
• Specific experience in developing and implementing security monitoring strategies.
• Experience with leadership or team management experience in a cybersecurity or network analyst role.
• Strong understanding of network infrastructures, protocols, and security technologies, such as firewalls, IDS/IPS, and SIEM platforms.
• Proficiency in conducting threat intelligence analysis and vulnerability assessments.
• Practical experience with risk assessment and providing actionable recommendations for mitigation.
• CompTIA Security+
• Certified Information Systems Security Professional (CISSP)
• Clearance Requirement: Top Secret

Desired Qualifications

• Certified Ethical Hacker (CEH)
• Master's degree in Cybersecurity, Information Assurance, or a related discipline.
• Completion of additional cybersecurity training programs or specialized skill development.
• Hands-on experience in configuring, managing, or optimizing cybersecurity tools to automate detection and response (e.g., Splunk, Palo Alto, etc.).
• Prior experience working in federal or enterprise-level cybersecurity environments, particularly with exposure to frameworks like NIST, MITRE ATT&CK, or ISO standards.
• Proficiency in scripting or automation tools (e.g., Python, PowerShell, Bash) for security monitoring and analysis tasks.
• Certified Information Security Manager (CISM)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• AWS Certified Security - Specialty: (or equivalent cloud-specific certifications) for experience securing cloud-based environments.
• CompTIA CySA+ (Cybersecurity Analyst)
• Project Management Professional (PMP)
• Active Secret or Top Secret clearance

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.