Threat Hunter
2 weeks ago
This role, based in New Carrollton, MD, operates in a hybrid (1 day/week onsite) capacity within the IRS Computer Security Incident Response Center (CSIRC).
Responsibilities of the Threat Hunter:
• Establishing normalized traffic and data flow baselines for anomaly identification.
• Developing technical theories based on threat intelligence.
• Identifying adversary tactics, techniques, and procedures through behavior pattern analysis.
• Demonstrating comprehensive knowledge of threat vectors and their implications for cybersecurity risk across the federal government.
Qualifications of the Threat Hunter:
• Incident handling experience working in a SOC/CIRT environment (not screen watchers)
• Proficiency in Splunk Search Processing Language (SPL) for query execution.
• Hands-on (in a production environment) experience in Packet Capture (PCAP) analysis.
• 3-4 years of relevant professional experience.
• Ability to secure an IRS Public Trust security clearance
• Citizenship: United States citizenship required
Preferred Qualifications (not required):
• Attacker methodology, Red Team, and penetration testing
• Experience using a scripting language to solve cyber security challenges (Python preferred)
• Ability to correlate logs from multiple sources: log analysis, correlation rules, etc.
• SANS GIAC certified: https://www.giac.org/certifications/get-certified/roadmap
• Experience with analyzing malware and extracting indicators/call out
• Extracurricular experience is a huge bonus, e.g. Capture the Flag competitions, Hack The Box, a cyber club in college, home lab cyber practice to further skills in the field
Compensation for the Threat Hunter:
• Salary: $75,000 - $85,000/year (depending on experience)
• Term: long term contract
• Benefits: Cigna Medical, Dental, Vision, 401K, 2 weeks Paid Time Off (PTO)
• Work Location: Hybrid - 1x day per week at IRS in New Carrollton, MD
• Shift: 6am-2pm
-
Cyber Threat Hunter
2 weeks ago
Ashburn, VA, United States. Leidos Inc. Full time. Description: Leidos has an immediate need for a Cyber Threat Hunter to join our NOSC Cyber Team. The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious. The Department of Homeland Security (DHS), Network Operations Security Center (NOSC) Cyber is a US...
-
Cyber Threat Hunter
2 weeks ago
Bowie, MD, United States. Zachary Piper Solutions, LLC. Full time. Zachary Piper Solutions is seeking a HYBRID Junior Cyber Threat Analyst/Hunter to join a Government Client located near New Carrollton, MD. The HYBRID Cyber Threat Analyst/Hunter will be utilizing security tools to analyze network data and protect from cyber threats and attacks. Responsibilities of the HYBRID Cyber Threat Analyst/Hunter include: •...
-
Cyber Threat Hunter Lead with Security Clearance
4 weeks ago
Bay St. Louis, MS, United States. Base One Technologies. Full time. Our Stennis, MS, DC metro and Ashburn VA based client is looking for a Cyber Threat Hunter Lead. If you are qualified for this position, please email your updated resume in Word format to Cyber Threat Hunter Lead. Required Education/Experience: The candidate must possess an active TS/SCI Clearance. In addition to the clearance requirement, all DHS personnel must obtain an...
-
Threat Hunter with Security Clearance
3 weeks ago
Washington, DC, United States. Base One Technologies. Full time. Required Education/Experience: The candidate must possess an active TS/SCI Clearance. In addition to the clearance requirement, all DHS personnel must obtain an EOD. BS degree in Science, Technology, Engineering, Math or related field and 8+ years of prior relevant experience with a focus... Primary Responsibilities: • Create Threat Models to better understand the DHS IT...
-
Sr. Threat Hunter with Security Clearance
3 weeks ago
Arlington, VA, United States. Base One Technologies. Full time. Our client is seeking Cyber Forensics Analysts to support the Govt Hunt and Incident Response Team. This team secures the Nation's cyber and communications infrastructure while providing front line response for cyber incidents and hunting for malicious cyber activity. Contract personnel provide front line response for digital forensics/incident response and...
-
Washington, DC, United States. Base One Technologies. Full time. Required Education/Experience: The candidate must possess an active TS/SCI Clearance. In addition to the clearance requirement, all DHS personnel must obtain an EOD. BS degree in Science, Technology, Engineering, Math or related field and 12+ years of prior relevant experience with a focus... Primary Responsibilities: Create Threat Models to better understand the DHS IT...
-
Host Based Systems Analyst
3 weeks ago
Arlington, VA, United States. Arsiem Corporation. Full time. ARSIEM is seeking a senior Cyber Threat Hunter. Responsibilities: - Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack. - Assess network topology and device configurations, identifying critical security concerns and providing...
-
Cyber Security Analyst with Security Clearance
2 weeks ago
Arlington, VA, United States. Zachary Piper Solutions, LLC. Full time. Zachary Piper Solutions provides advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for...
-
Special Operations Forces
2 weeks ago
Herndon, VA, United States. Bluehawk, LLC. Full time. Overview: BLUEHAWK, LLC is a professional services firm providing intelligence, information technology, language, and training services to the U.S. Government and commercial entities with objectives to protect and defend our nation, citizens, natural resources, critical infrastructure, freedoms, and human rights. We are hiring creative, motivated, talented...
-
Cyber Detection Analyst
2 weeks ago
Herndon, VA, United States. Byte Systems, LLC. Full time. Candidate MUST possess a TS/SCI clearance with Intel Polygraph. Job Description: The Cloud Cyber Incident Responder on this Cyber Security support contract performs the following duties: Perform cyber analysis and response, detection engineering, and automation for commercial cloud environments. Develop metrics and reporting to inform the customer of...
-
Arlington, VA, United States. Base One Technologies. Full time. Primary Responsibilities: • Lead, manage, and understand the entire endpoint security lifecycle: obtain visibility, minimize surface area of attack, prevent and detect threats, investigate and respond, and remediate. • Deploying, configuring, operating, monitoring, tuning, upgrading, and troubleshooting endpoint security tools. • Collaborate, guide, and...
-
San Antonio, TX, United States. BAE Systems. Full time. Job Description: BAE Systems is seeking an Open Source Practitioner/Analyst to support our government customer. This Open Source Practitioner/Analyst will be required to: • Conduct collection and exploitation of Publicly Available Information (PAI) via use of OSINT tools. • Conduct exploitation of social media and publicly accessible databases. • Produce Open Source...
-
REGISTERED NURSE
1 week ago
MT, United States. Center For Mental Health. Full time. Registered Nurse (MACT), Full-Time/Exempt. Any location: Conrad, Cut Bank, Havre, Shelby. Montana Assertive Community Treatment (MACT) Program. Position Overview: A member of the MACT team sharing responsibility for the treatment, rehabilitation, and prevention of emotional disorders. The MACT nurse is responsible for conducting psychiatric assessments; assessing...