Cyber Hunt Analyst - Military veterans preferred

Responsible for supporting the customer in cyber-threat hunting and associated investigations. Also, perform hands-on investigations that require critical thinking and a broad understanding of multiple technologies. The incumbent will support development of presentations and reports to document findings, and will require good communication and interpersonal skills to convey findings in a tactful manner at the technical proficiency level of the audience. This is an opportunity for a team player to enhance a world-class team and learn new skills.  

• Conduct traffic collection, passive/active hunt activities and analysis for threat/intrusion detection as a member of a technical team

• Research, identify and document adversary models for actors that could have an interest or target the supported organization/site (e.g. possible intelligence sources: MITRE ATT&CK/CAR, Sqrrl, ODNI and commercial/local/criminal/open-source intelligence (OSINT))

• Assist in analysis tool development, configuration, implementation and use

• Strategically place, configure and manage sensor technology

• Advanced knowledge in traffic and packet analysis using tools like Wireshark, tcpdump, Splunk, ELK, Bro, RSA and other

• Intermediate knowledge of common forensics techniques, frameworks, tools and capabilities (i.e. EnCase, Volatility, Forensic Toolkit (FTK))

• Develop or follow existing data analytic techniques for correlation of advanced threats TTP and indicators of compromise

• Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)

• Actively hunt for threat, indicators of compromise and assist on investigations of cyber security incidents

• Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.

• Be able to present, demonstrate, explain and document operational impact for intrusions or system compromise

• Develop proof-of-concept examples and scenarios for reports and live demonstrations

• Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and team members

• Critical thinking is a must

Qualifications