Please scroll down, To apply

Threat Hunt Analyst with Security Clearance

hiring now

Base One Technologies

2024-11-10 09:44:31

Job location Ashburn, Virginia, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

Primary Responsibilities
• Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations
• Author, update, and maintain SOPs, playbooks, work instructions
• Utilize Threat Intelligence and Threat Models to create threat hypotheses
• Plan and scope Threat Hunt Missions to verify threat hypotheses
• Proactively and iteratively search through systems and networks to detect advanced threats
• Analyze host, network, and application logs in addition to malware and code
• Prepare and report risk analysis and threat findings to appropriate stakeholders
• Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation.
• Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise Required Education/Experience
BS degree or equivalent and 2-4 years of prior relevant experience, or a master's with less than 2 years, in order to operate within the scope contemplated by the level. Preferred Qualifications
• Expertise in network and host-based analysis and investigation
• Demonstrated experience planning and executing threat hunt missions
• Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers
• Working knowledge of common (HTTP, DNS, SMB, etc) networking protocols
• Familiar with operation of both Windows and Linux based systems
• Proficient with scripting languages such as Python or PowerShell
• Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
• Demonstrated experience triaging and responding to APT activities.
• Experience working with various technologies and platform such as AWS, Azure, O365, containers, etc.
• Understanding of current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks.

Inform a friend!

<!– job description page –>
Top