Cyber Threat Hunter
2 weeks ago
Description
Leidos has an immediate need for a Cyber Threat Hunter to join our NOSC Cyber Team. The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious.
The Department of Homeland Security (DHS), Network Operations Security Center (NOSC) Cyber is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to DHS networks through monitoring, intrusion detection and protective security services to DHS information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
The NOSC Cyber is responsible for the overall security of DHS Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
Primary Responsibilities:
- Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations
- Author, update, and maintain SOPs, playbooks, work instructions
- Utilize Threat Intelligence and Threat Models to create threat hypotheses
- Plan and scope Threat Hunt Missions to verify threat hypotheses
- Proactively and iteratively search through systems and networks to detect advanced threats
- Analyze host, network, and application logs in addition to malware and code
- Prepare and report risk analysis and threat findings to appropriate stakeholders
- Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation.
- Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise
Basic Qualifications:
All Cyber Threat Hunt candidates shall have a minimum of a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS 8-12 years of experience in incident detection and response, malware analysis, and/or cyber forensics.
- The candidate must possess an active Top Secret Clearance. In addition to clearance requirement, all DHS personnel must obtain an EOD.
- BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on Cyber Security or Masters with 6 years of prior relevant experience.
- Should have at least 4 years of experience serving as a SOC Analyst and/or Incident Responder
- Ability to work independently with minimal direction; self-starter/self-motivated
- Must be a US Citizen.
- Must have TS/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
- Must have one of the following certifications: CASP+ CE, CCNP-Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP
- Preferred Qualifications
- Expertise in network and host-based analysis and investigation
- Demonstrated experience planning and executing threat hunt missions
- Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers
- Working knowledge of common (HTTP, DNS, SMB, etc) networking protocols
- Familiar with operation of both Windows and Linux based systems
- Proficient with scripting languages such as Python or PowerShell
- Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
- Demonstrated experience triaging and responding to APT activities.
- Experience working with various technologies and platform such as AWS, Azure, O365, containers, etc.
- Understanding of current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks.
Previous experience in a federal government threat hunt team, especially DHS or DOD
Original Posting Date:2024-04-22While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
-
Cyber Threat Detection Engineer SME
3 weeks ago
Ashburn, United States CareerBuilder Full timeBS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on cyber security or Masters with 6 years of prior relevant experience. Should have 5 years of experience serving as a digital media Primary Responsibilities Identify gaps in malicious activity detection capabilities Create new...
-
Cyber Incident Response Analyst
4 weeks ago
Ashburn, United States Leidos Full time**Description** Our Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the government Enterprise. We have primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet...
-
Lead Cyber Security Operations Center
2 days ago
Quincy, MA, United States State Street Corporation Full timeWho are we looking for: State Street seeks to recruit an Lead Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for analyzing...
-
Cyber Network Defense Analyst Level III
2 weeks ago
Arlington, VA, United States ZP Group Full timeCyber Network Defense Analyst Level III Arlington, VA Job Id: 87991 Job Category: Other Job Location: Arlington, VA Security Clearance: TS/SCI Business Unit: ZP Group Division: Not Defined Position Owner: Trudee Wooden The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and...
-
Cyber Network Defense Analyst
3 weeks ago
Arlington, VA, United States ZP Group Full timeCyber Network Defense Analyst - Level IV Arlington, VA Job Id: 87992 Job Category: Other Job Location: Arlington, VA Security Clearance: TS/SCI Business Unit: ZP Group Division: Not Defined Position Owner: Trudee Wooden Zachary Piper Solutions provides remote and onsite advanced technical assistance, proactive...
-
Quincy, MA, United States State Street Corporation Full timeWho are we looking for: State Street seeks to recruit an Early Career Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for...
-
Cyber Security Operations Center
7 days ago
Quincy, MA, United States State Street Corporation Full timeState Street seeks to recruit a SOC Manager for its Cyber Defense Center. The SOC Manager will help lead the triage, analysis and response to cyber-attacks. Join us in evolving our response capabilities to protect State Street, its customers and partners from ever-evolving and sophisticated threat actors. State Streets Cyber Fusion Center is responsible for...
-
Senior Cyber Defense Engineer
1 month ago
Chicago, IL, United States CME Group Full timeDescription Senior Cyber Defense Engineer (Systems) Position SummaryThis is a perfect opportunity for the right person to become a key part of a team of cybersecurity professionals that are executing a pivotal role in protecting and defending the nation's critical infrastructure. The Senior Cyber Defense Engineer will create, implement, and subsequently...
-
Incident Response Analyst
3 weeks ago
Ashburn, United States Agile Defense Full timeAgile Defense We are in the business of innovation through information technology and cybersecurity, delivered exceptionally. View company page Agile Defense provides leading-edge Digital Transformation solutions to support and advance our customers' mission. We deliver innovative and high-quality services to our customers worldwide through an empowered and...
-
Staff Security Engineer
2 days ago
North Cambridge, MA, United States State Street Corporation Full timeWho we are looking for The State Street Global Cybersecurity team is looking for a Staff Security Engineer - Identity Threats & IAM Defense. The Cybersecurity team delivers platforms, architecture, and tooling to help Cybersecurity teams make faster, more informed decisions as we work to secure State Street's digital footprint. As a Staff Security Engineer -...
-
Penetration Tester
5 days ago
Ashburn, United States Gray Tier Technologies LLC Full timeGray Tier Technologies is looking for a Penetration Tester to support Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) which is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security...
-
Senior Penetration Tester
2 weeks ago
Ashburn, United States Gray Tier Technologies LLC Full timeDepartment of Homeland Security (DHS), Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents...
-
Senior Penetration Tester
2 weeks ago
Ashburn, United States Gray Tier Technologies Full timeDepartment of Homeland Security (DHS), Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents...
-
Senior Penetration Tester
4 days ago
Ashburn, United States Gray Tier Technologies LLC Full timeDepartment of Homeland Security (DHS), Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents...
-
Detection Engineer- Secret Cleared
2 weeks ago
Ashburn, United States Federal Staffing Solutions Inc. Full timeJob DescriptionJob DescriptionWe connect our employees with some of the best opportunities around.Time and time again, our employees tell us that the most important thing we offer is respect. Federal Staffing Solutions puts people to work in all types of jobs. When you work with us, you build a relationship with a team of employment professionals in your...
-
Arlington, VA, United States Invictus International Consulting Full timeTitle: Counter Drug/Transnational Organized Crime Analyst Location: Arlington, VAClearance: TS/SCI Responsibilities:Conduct all-source network analysis of world-wide drug related issues to include Transnational Organized Crime (TOC) and drug trafficking organizations (DTOs) Provide operational intelligence support both for DoD elements performing various...
-
Cloud Performance Engineer
7 days ago
Arlington, VA, United States Peraton Full timePeraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and...
-
Transformation Business Analyst Lead
2 weeks ago
Arlington, VA, United States ECS Federal Full timeECS is seeking a Transformation Business Analyst Lead to work in our Arlington, VA office. Please Note: This position is contingent upon contract award.Job Description:ECS is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program...
-
Integration Lead
1 week ago
Arlington, VA, United States ECS Federal Full timeECS is seeking an Integration Lead / Manager to work in our Arlington, VA office. Please Note: This position is contingent upon contract award.Job Description:ECS is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the...
-
ISSE
3 weeks ago
Chantilly, VA, USA, United States Engility Corporation Full timeSAIC is seeking a Senior Principal Cybersecurity Engineer/ISSE to provide SETA support to SAIC's Prime Program, Landmark AOS in Chantilly, VA. Landmark AOS is a large SETA program, supporting the NRO's Ground Enterprise Directorate (GED), responsible for the acquisition of systems over the complete end-to-end life cycle.As the Senior Principal Cybersecurity...
