Cyber Threat Analyst
Company: Castalia Systems
Location: Arlington
Posted on: April 2, 2026
Job Description:

Job Type: Full-Time, providing support during assigned shifts (M-F Day shift 1400-2230)
Workplace Type: Onsite in Arlington, VA
Clearance: Active TS/SCI clearance and ability to get DHS Suitability
Must be a U.S. Citizen
Benefits: Medical, dental, and vision coverage, 401k matching, generous PTO, paid holidays, professional training opportunities, and even pet insurance to ensure your furry friends are cared for too.

Job Summary

Castalia Systems is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. Castalia is seeking a Cyber Threat Analyst to support this critical customer mission.

Roles and Responsibilities

A qualified candidate will perform duties and responsibilities including, but not limited to, the following:
- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
- Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation state threat actors to identify and validate threats
- Applying cybersecurity concepts to the detection and defense of intrusions into small- and large-scale IT networks, and conducting cursory analysis of log data
- Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident
- Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts
- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
- Working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents

Required Qualifications:
- 2 years of directly relevant experience in cyber incident management or cybersecurity operations
- BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 4-6 years of incident management or cyber security experience.
- Knowledge of incident response and handling methodologies
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
- Experience with cloud platforms such as AWS, Azure, or GCP
- Experience with scripting languages (Bash, Python, etc.)

Desired Qualifications:
- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

Physical Requirements/Work Environment

Providing support during assigned shifts (M-F Day shift 1400-2230)

Travel

Must be able to work collaboratively across physical locations

Company Description

Castalia Systems is a proven business partner providing mission critical solutions to the Federal Government. We provide cutting edge solutions from Securing and Managing Data to Systems Engineering and Development. Castalia Systems is a pioneer in Artificial Intelligence Design and Application. With our vast knowledge of our customers' needs and relevant technology, our team can bring successful solutions to every mission. We are one-upping our competitors by providing premium IT solutions and platforms with cutting-edge technology so it's very evident when you compare us with anyone.

Disclaimer

Castalia Systems is an equal employment opportunity and affirmative action employer and strives to comply with all applicable laws prohibiting discrimination based on race, color, creed, sex, sexual orientation, age, national origin, or ancestry, physical or mental disability, veteran status, marital status, HIV-positive status, as well as any other category protected by federal, state, or local laws. All such discrimination is unlawful, and all people involved in the operations of the company are prohibited from engaging in this type of conduct.