DMI (Digital Management, LLC.) is a global technology solutions company that specializes in digital strategy, design, transformation and support. Utilizing expertise from six unique DMI Groups, in the areas of AI & Analytics, Commerce, Experience, Managed Services, Transformation, and Government, DMI delivers intelligent digital transformation solutions that meet organizations where they are. Born digital, DMI has been delivering mission-critical, enterprise grade solutions since 2002 for over a hundred Fortune 1000 enterprises and all fifteen U.S. Federal Departments. DMI has grown to 2,000+ employees globally and has been continually recognized by top industry analysts as market leader as well as a Top Place to Work by the Washington Post. DMInc.com| Careers | Twitter | LinkedIn |Facebook 

DMI, LLC is seeking a full time Cyber Threat Intel Analyst to support a state customer.

Duties and Responsibilities:

• Conduct all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber actors. Utilize threat intelligence platforms and tools to mitigate potential threats to users, networks, and data.
• Respond to computer security incidents in compliance with Information Security Policies and Industry Best Practices. Coordinate the efforts of and provide timely updates to multiple sectors and business units during incident response. Additionally, the candidate will provide security related recommendations to the team as threat events unfold.
• Provide information and assessments for the purposes of informing leadership and users/customers.
• Perform network security analysis in support of Intrusion Detection operations including the development and enrichment of indicators used to enhance the network security posture.
• Contribute to a team of information security professionals analyzing threat data, writing reports, briefing event details to leadership, and coordinating remediation activities across multiple State agencies.
• Ensures technical security improvements are effective and maintained within configuration management structures.
• Ensures technology employed by the Security Monitoring Team compliments operational processes.
• On occasion, provide extended shift coverage with minimal travel required.
• Monitor various information security related platforms and forums including Recorded Future, Anomali ThreatStream, SANS Internet Storm Center, Krebs on Security, and other forums and mailing lists to stay up to date on current network threats, attack methodologies and trends.
• Analyze the potential impact of new threats and exploits and communicate risks to relevant leadership and business units.
• Monitor the State of Maryland networks to find anomalous or malicious activity using various analytical methods and Security Event and Incident Monitoring (SEIM) tools in a fast-paced operational environment.

Required Skills and Qualifications:

• Bachelor’s Degree in Computer Science/Computer Engineering, Information/Network Security, Cybersecurity, or related field with 5-7 years of related work experience; OR equivalent experience in lieu of degree.

Required Skills/Certifications:

• Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
• Coursework and previous experience directly related to Cyber Operations environment.
• Experience with Splunk, ServiceNow, Recorded Future, Anomali ThreatStream, and other cybersecurity tools as required.
• Ability to work in a team environment ability to taking initiative to understand and master new operating systems, security applications and open-source tools.
• Knowledge with Windows and Linux operating systems and common applications, working knowledge of and experience in detecting malicious code and methods of infection (ports, attachments, etc.).
• Knowledge of information systems security concepts and technologies; network architecture and tools; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and open-source alternatives.
• Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
• Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
• Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).

Required Certification(s):

• At least one certification from the CSSP Incident Responder Category (CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+ **, GCFA, GCIH, SCYBER, PenTest+)

Min. Citizenship Status Required: US Citizen

Location: Crownsville, MD (on-site)

#LI-MP1

Working at DMI

DMI is a diverse, prosperous and rewarding place to work. We provide our employees with competitive benefits, educational assistance, and career growth opportunities. Every employee is valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.

The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veteran/Disabled.

***************** No Agencies Please *****************

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

#LI-CA1