Intermediate Threat Analyst

Job Locations US-AZ-Fort Huachuca
Job Post Information* : Posted Date 5 months ago(3/18/2022 4:05 PM)
Location : Location
US-AZ-Fort Huachuca
Potential for Remote
Clearance Requirement
Top Secret/SCI
Job Requires Relocation
Job Requires Relocation


SOS International, LLC (SOSi) is currently seeking an Intermediate Threat Analyst in Fort Huachuca, AZ. The Intermediate Threat Analyst reports to the T&DA Team Lead and is responsible for supporting the defense of the Army Network.


  • Analyze, correlate, and perform trend analysis for cyber events and incidents to extract indicators of compromise.
  • Monitor dashboards for threat activity to include ArcSight, Gabriel Nimbus, Rally, TYCHON, and Stealthwatch.
  • Perform exploratory analysis of network traffic, audit logs, external threat intelligence, malware analysis, and incident reports to identify any threat not captured through current detection capabilities
  • Coordinate findings with DCI for signature development.
  • Provide operational impact assessments resulting from hunt missions.
  • Provide recommendations to improve intrusion detection, malicious activity response, and vulnerability identification.
  • Coordinate efforts with the Defensive Infrastructure Team and Cyber Defensive Operations Team to improve the enterprise posture and to identify and respond to future malicious activity. These teams have overlapping areas of responsibilities and play an integral part to the success for one other.
  • Review all system development project requests and coordinate schedules and related departmental activity.
  • Provide guidance and work leadership and structure to less-experienced personnel and other technical staff to maintain a dynamic prioritization effort.
  • Maintain current knowledge of relevant technologies as assigned.
  • Provide timely notification to the Government for any critical or high incidents.
  • Provide on-call support after business hours and during weekends when required.
  • Lead positions may have supervisory responsibility to include but not limited to:
    • reporting and timekeeping;
    • technical/administrative training;
    • correspond with the government;
    • scheduling to effectively utilize all team resources;
    • support management decision-making;
    • recommend/take action regarding recognition and discipline;
    • recommend innovative solutions to more effectively and efficiently support work performance.
  • Follow ITIL best practices to manage tickets and processes.
  • Develop and/or maintain SOPs, TTPs, and SmartBooks associated with current knowledge of relevant technologies as assigned.
  • Participate in special projects as required.
  • Actively collaborate with GTMs, Branch Chiefs, Division Chiefs and RCC-C Leadership, as well as NECs, Brigades, LE/CI, and organizations external to the RCC-C.


  • Active in scope Top Secret (TS) with eligibility for Sensitive Compartmented Information (SCI) clearance or the abililty to obtain an Interim Top Secret/SCI eligibility
  • HS +12 years of experience, AA/AS +10 or BA/BS +8
  • An IAT III certification (CASP+CE, CCNP-Security, CISA, CISSP(or Associate), GCED, or GCIH) is required
  • CSSP-A Certification
  • Demonstrated understanding of U.S. Army IT operational and technical requirements and an advanced understanding of Risk Management Framework (RMF)
  • Must be willing to work overtime, after hours, holidays, and weekends, as necessary

Preferred Qualifications

  • Master's degree preferred
  • ITIL Foundation certification
  • Fluency in a foreign language is desirable, but not required

Working Conditions

  • Working conditions are normal for an office environment.
  • Fast paced, deadline-oriented environment.
  • May require periods of non-traditional working hours including consecutive nights or weekends (if applicable)


SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed