Mobile Threat Detection (MTD) Analyst - MID

Overview

This mid-level role supports mobile threat detection, incident response, and compliance tasks within the FBI's ESOC. The analyst will participate in daily monitoring of mobile ecosystems, aid in identifying and escalating mobile malware threats, support mobile forensic collections, and integrate security telemetry from MDM and application-level data. The role contributes to alert triage, forensic documentation, and coordination with DFIR and watch floor operations for complete cyber defense coverage. This role supports mobile device forensics, threat identification, and anomaly detection in coordination with both MTD and DFIR teams.

This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse.

Responsibilities

• Support leading the analysis and identification of mobile threats, including malware, vulnerabilities, and other malicious activities targeting mobile devices and applications.
• Assist in developing threat intelligence reports based on mobile threat monitoring, investigation, and collaboration with cyber intelligence teams.
• Gain and apply a proficient understanding of mobile operating systems architecture, including security features and limitations.
• Acquire proficient understanding of mobile application security, network protocols, and the potential exploitation vectors.
• Learn and stay informed of threat actor tactics, techniques, and procedures (TTPs) related to mobile threats, including trends in mobile malware and exploits.
• Support developing mitigation strategies for identified mobile threats and collaborate with wider teams.
• Stay up to date with the latest threats, vulnerabilities, and attack techniques targeting mobile devices.
• Collaborate with the SOC to integrate mobile security data with the organization's MDM system.
• Help ensure mobile devices are configured correctly and comply with security policies.
• Assist in implementing tools and processes to detect anomalies and suspicious activities on mobile devices.
• Work closely with the SOC to investigate and respond effectively to mobile security incidents.
• Participate in conducting regular vulnerability assessments on mobile applications and devices.

• Engage in proactive search for signs of compromise on mobile devices using threat-hunting techniques.
• Apply advanced analytics and machine learning techniques for identifying indicative patterns of mobile threats.
• Adapt proactively to new and emerging mobile threats to ensure continuous improvement in defensive measures.
• Support in-depth malware analysis and reverse engineering on mobile devices to determine the impact of malicious activity.
• Contribute to sharing findings to enhance organizational threat intelligence and detection capabilities.
• Maintain thorough documentation of all mobile security incidents, investigations, and response activities.
• Participate in post-incident reviews and continuous process improvement based on lessons learned.
• Stay updated on industry best practices and incorporate these into mobile security strategies.
• Other duties as assigned.

Qualifications

• Knowledge of advanced mobile threat attack vectors, malware, and social engineering tactics.
• Understanding of mobile forensics methodologies and tools for extracting data from devices.
• Knowledge of cryptographic protocols and their application in securing mobile communications.
• Understanding of application sandboxing, secure coding practices, and app integrity checks to prevent exploitation.
• Awareness of the legal and ethical implications of mobile threat detection and incident response, including data privacy laws.
• Active Top-Secret Clearance with SCI Eligibility.

• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
• Experience working with the following software:
  • Axiom
  • MobSF
  • Splunk
  • Autopsy
  • Android Debug Bridge
  • MDM integration platforms

 

Preferred Certifications:

• GIAC Continuous Monitoring Certification (GMON).
• GIAC Certified Incident Handler (GCIH).
• GIAC Certified Forensic Analyst (GCFA).
• GIAC Certified Intrusion Analyst (GCIA).
• GIAC Network Forensic Analyst (GNFA).
• GIAC Cloud Threat Detection (GCTD).
• GIAC Cloud Forensics Responder (GCFR).
• GIAC Advanced Smartphone Forensics Certification (GASF).
• GIAC Mobile Device Security Analyst (GMOB).

 

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

 

 

Pay Range

USD $100,000.00 - USD $140,000.00 /Yr.