Senior Cyber Active Threat Analyst

The Nuclear Company is the fastest growing startup in the nuclear and energy space creating a never before seen fleet-scale approach to building nuclear reactors. Through its design-once, build-many approach and coalition building across communities, regulators, and financial stakeholders, The Nuclear Company is committed to delivering safe and reliable electricity at the lowest cost, while catalyzing the nuclear industry toward rapid development in America and globally.

About The Role

As a Senior Cyber Active Threat Analyst at The Nuclear Company, you will serve as a critical member of our Security Operations Center (SOC), actively hunting for threats and analyzing adversarial behavior to protect Nuclear OS and critical nuclear infrastructure. This role combines advanced threat intelligence analysis with real-time security monitoring to detect, analyze, and respond to sophisticated cyber threats targeting mission-critical nuclear systems. You'll work at the cutting edge of nuclear cybersecurity, leveraging advanced analytics and threat intelligence to identify indicators of compromise and protect critical energy infrastructure from advanced persistent threats (APTs).

Key Responsibilities

Threat Hunting & Detection

- Proactively hunt for threats by analyzing anomalous or suspected adversarial behavior in nuclear digital systems and networks

- Identify indications of compromise including unusual network traffic, unusual file changes, and the presence of malicious code

- Detect malicious or suspicious access control or networking anomalies occurring at established defensive level boundaries and within security levels

- Identify malicious activity at the earliest possible time and take appropriate actions

- Isolate and contain malicious activity to prevent spread and minimize impact

Security Monitoring & Analysis

- Monitor SIEM systems (Security Information and Event Management) to collect, correlate, and analyze security events from multiple sources

- Analyze SIEM logs for incident indicators, identify attack vectors and entry points, and conduct root cause analysis investigations

- Monitor intrusion detection systems and network security monitoring tools to identify potential security incidents

- Correlate security events from perimeter defenses, network devices, and endpoint agent data feeds to identify threats

- Adjust monitoring tools and techniques as threat agents constantly change and adapt their tactics to circumvent defenses

Threat Intelligence & Analysis

- Develop and maintain threat intelligence on current adversarial tactics, techniques, and procedures (TTPs)

- Assess adversary threat capabilities and understand advanced persistent threat (APT) methodologies

- Analyze malicious code to understand adversary tradecraft and the functionality of specific threats

- Share threat intelligence with peer organizations, Information Sharing and Analysis Centers (ISAC), and relevant government departments

- Monitor threat landscape updates and adapt security posture based on emerging threats

Incident Response Support

- Support cybersecurity incident response team (CSIRT) functions during active incidents

- Rapidly develop appropriate responses when threats are detected, correlating new incidents with information on past intrusions

- Identify, classify, and respond to cyber security incidents and determine whether incidents are reportable

- Perform rapid forensic preservation and analysis to support incident investigations

- Track and document security incidents using automated mechanisms to assist in collection and analysis

Collaboration & Reporting

- Collaborate with integrated incident response teams including forensic analysts, malicious code analysts, and systems security engineers

- Provide detailed threat analysis reports to leadership and stakeholders on emerging threats and security posture

- Notify appropriate authorities including E-ISAC and CISA of reportable cyber security incidents

- Maintain expert skill and knowledge in cybersecurity, staying current with emerging threats and detection methodologies

Required Qualifications

- 5+ years of experience in cybersecurity with focus on threat analysis, security monitoring, or SOC operations

- Bachelor's degree in Cybersecurity, Computer Science, Information Security, or related field (or equivalent experience)

- Deep expertise in SIEM systems (Splunk, Elastic Security, or similar) including log collection, correlation, and analysis

- Strong understanding of adversarial tactics, techniques, and procedures (MITRE ATT&CK framework)

- Experience with threat hunting methodologies and proactive threat detection

- Knowledge of intrusion detection systems (IDS/IPS), network security monitoring, and endpoint detection and response (EDR)

- Understanding of indicators of compromise and anomalous behavior patterns

- Experience with incident response procedures and root cause analysis

- Strong analytical and problem-solving skills with ability to correlate data from multiple sources

- Excellent communication skills to convey technical findings to diverse audiences

- Professional certifications such as GCIA, GCIH, GCFA, CySA+, or equivalent

Preferred Qualifications

- Experience in critical infrastructure or industrial control systems (ICS/SCADA) security

- Knowledge of NRC cybersecurity regulations (10 CFR 73.54) and nuclear industry requirements

- Experience with advanced threat intelligence platforms and threat intelligence sharing

- Background in malware analysis and reverse engineering

- Familiarity with Palantir technologies or similar data integration platforms for security analytics

- Experience with machine learning and advanced analytics for threat detection

- Knowledge of nuclear digital systems and operational technology environments

- Advanced certifications such as GCTI, GNFA, OSCP, or similar

- Scripting/programming skills in Python, PowerShell, or similar languages

- Security clearance eligibility

Benefits

- Competitive compensation packages

- 401k with company match

- Medical, dental, vision plans

- Generous vacation policy, plus holidays

Estimated Starting Salary Range

The estimated starting salary range for this role is $121,000 - $143,000 annually less applicable withholdings and deductions, paid on a bi-weekly basis. The actual salary offered may vary based on relevant factors as determined in the Company’s discretion, which may include experience, qualifications, tenure, skill set, availability of qualified candidates, geographic location, certifications held, and other criteria deemed pertinent to the particular role.

EEO Statement

The Nuclear Company is an equal opportunity employer committed to fostering an environment of inclusion in the workplace. We provide equal employment opportunities to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic. We prohibit discrimination in all aspects of employment, including hiring, promotion, demotion, transfer, compensation, and termination.

Export Control

Certain positions at The Nuclear Company may involve access to information and technology subject to export controls under U.S. law. Compliance with these export controls may result in The Nuclear Company limiting its consideration of certain applicants.