Millennium Corporation

Cloud Threat Development Analyst

Job Locations US-SC-Charleston
Posted Date 3 days ago(2/26/2021 4:05 PM)
Job ID


Millennium Corporation is hiring a Cloud Threat Analyst in Charleston, SC. Candidate must have an active Top Secret Clearance.


The Cloud Threat Development Analyst will be the organization’s technical analyst that will assess required Defensive Cyber Operations (DCO) capabilities in multiple cloud environments (O365, Azure, AWS, Oracle) and develop appropriate detection measures in a mixed Elastic and Splunk environment. The candidate will perform analysis of available cloud environment data feeds, network monitoring and filtering systems (inc. IDS/IPS), and endpoint protection platforms in order to develop unified detection measures. Ensuring the rigorous application of information security/information assurance policies, principles, and practices. Experience with user associated DoD security practices.

  • Use Network, Host and Cloud Based data to drive detection, monitoring, and response capabilities
  • Create detection analytics based off the MITRE ATT&CK Framework and other security frameworks
  • Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs)
  • Provide assistance to the Ops team in response to incidents by analyzing host behavior and network traffic
  • Authorized to view audit records on Central Log Server
  • Authorized to view alerts of IDS/IPS
  • Authorized to modify auditable events on Central Log Server
  • Overtime may be required as needed to support incident response actions (Surge)


  • Candidate must have an active Top Secret Clearance
  • Bachelor’s degree or higher from accredited university/technical college in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline.
  • Minimum 3-5 years of comparable experience performing Incident Response, Forensics, Malware Analysis, or Penetration Testing
  • 5-7 years of experience if no degree
  • Experience with Cloud monitoring tools preferred (AWS, Azure)
  • Linux administration experience preferred (Redhat)
  • Must be proficient in at least three of the following disciplines:
  • Network traffic analysis and host based log analysis
  • Comprehensive understanding of enterprise Windows security (Active Directory)
  • Static and Dynamic malware analysis
  • Practical knowledge in at least one scripting or development language (e.g. PowerShell or Python)
  • Must have working familiarity with two of the following products:
    • Splunk
    • Elastic
    • Carbon Black Response
    • Fidelis Network
  • Strong written and verbal communication skills
  • Strong understanding of common enterprise technologies
  • Ability to convey extremely technical concepts to audiences with varying technical understanding

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

Up to 15% Travel may be required

About Us

Millennium is a strategic management, cybersecurity and systems engineering firm – driven by results and focused on people as we help our customers achieve mission success. With a proven track record of performance with the Army, Navy, OSD, DHS and other agencies, Millennium is a uniquely qualified and committed partner to the Federal Government.  It is through our work that the U.S. military and government is able to identify, manage and defeat threats.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed