28 Nov
Cyber Hunt Analyst
Fairmont, West Virginia 26554, USA

Vacancy expired!

Description

The Cyber Hunt Analyst is responsible for supporting the customer in cyber-threat hunting and the associated investigations. The analyst also performs hands-on investigations that require critical thinking and a broad understanding of multiple technologies. The incumbent will support the development of presentations and reports to document findings, and will need good communication and interpersonal skills to convey those findings tactfully, at the technical proficiency level of the audience. This is an opportunity for a team player to strengthen a world-class team and learn new skills.

Requirements

  • Conduct traffic collection, passive/active hunt activities and analysis for threat/intrusion detection as a member of a technical team
  • Must have a thorough knowledge beyond common network ports and protocols
  • Research, identify and document adversary models for actors that could have an interest or target the supported organization/site (e.g. possible intelligence sources: MITRE ATT&CK/CAR, Sqrrl, ODNI and commercial/local/criminal/open-source intelligence (OSINT))
  • Assist in analysis tool development, configuration, implementation and use
  • Strategically place, configure and manage sensor technology
  • Advanced knowledge of traffic and packet analysis using tools such as Wireshark, tcpdump, Splunk, ELK, Bro, RSA and others
  • Intermediate knowledge of common forensics techniques, frameworks, tools and capabilities (e.g. EnCase, Volatility, Forensic Toolkit (FTK))
  • Develop or follow existing data analytic techniques for correlating advanced threat TTPs and indicators of compromise
  • Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
  • Actively hunt for threats and indicators of compromise, and assist in investigations of cyber security incidents
  • Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.
  • Be able to present, demonstrate, explain and document operational impact for intrusions or system compromise
  • Develop proof-of-concept examples and scenarios for reports and live demonstrations
  • Create/document tactics, techniques and procedures (TTPs) to train and expand/share knowledge with customers and team members

Qualifications

TYPICAL EDUCATION AND EXPERIENCE: Bachelor's degree and 0 years of related experience.
