Threat Hunter with Security Clearance
4 weeks ago
The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious.
The Cyber Threat Hunter will:
• Create Threat Models to better understand the CBP IT Enterprise, identify defensive gaps, and prioritize mitigations
• Author, update, and maintain SOPs, playbooks, work instructions
• Utilize Threat Intelligence and Threat Models to create threat hypotheses
• Plan and scope Threat Hunt Missions to verify threat hypotheses
• Proactively and iteratively search through systems and networks to detect advanced threats
• Analyze host, network, and application logs in addition to malware and code
• Prepare and report risk analysis and threat findings to appropriate stakeholders
• Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation
• Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise
Basic Qualifications
NEW REQUIREMENT as of 6/27/2022: In addition to uploading the resume, please email us a copy of the candidate’s current certifications (actual certificate) as a way to validate that certs are current and active.
The ideal candidate will have the following qualifications:
• Expertise in network and host based analysis and investigation
• Demonstrated experience planning and executing threat hunt missions
• Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers
• Working knowledge of common networking protocols (HTTP, DNS, SMB, etc.)
• Familiar with operation of both Windows and Linux based systems
• Proficient with scripting languages such as Python or PowerShell
• Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
The candidate must currently possess a Top Secret Clearance.
In addition to the clearance requirement, all CBP personnel must have a current 5 year background investigation (BI) or be able to favorably pass one.
Should have 2 years of experience serving as a SOC Analyst or Incident Responder.
Ability to work independently with minimal direction; self-starter/self-motivated.
Required Certifications / One of the following certifications
CCFP – Certified Cyber Forensics Professional
CCNA Security
CCNP Security
CEH – Certified Ethical Hacker
CHFI – Computer Hacking Forensic Investigator
CISSP – Certified Information Systems Security
ECES – EC-Council Certified Encryption Specialist
ECIH – EC-Council Certified Incident Handler
ECSA – EC-Council Certified Security Analyst
ECSS – EC-Council Certified Security Specialist
EnCE
ENSA – EC-Council Network Security Administrator
GCFA – Forensic Analyst
GCFE – Forensic Examiner
GCIH – Incident Handler
GISF – Security Fundamentals
GNFA – Network Forensic Analyst
GREM – Reverse Engineering Malware
GWEB – Web Application Defender
GXPN – Exploit Researcher and Advanced Penetration Tester
LPT – Licensed Penetration Tester
OSCE (Certified Expert)
OSCP (Certified Professional)
OSEE (Exploitation Expert)
OSWP (Wireless Professional)
CIRC
FIWE
WFE-E-CI
FTK-WFE-FTK
Required Education/Experience
BS degree in Science, Technology, Engineering, Math or related field and 3 years of prior relevant experience with a focus on CyberSecurity, or Master's with 1 year of prior relevant experience.