Cyber Threat Hunter SME
5 months ago
Gray Tier Technologies is looking for a Cyber Threat Hunter SME to support The Department of Homeland Security (DHS) Hunt and Incident Response Team (HIRT). DHS HIRT secures the Nation's cyber and communications infrastructure. HIRT provides DHS's front-line response for cyber incidents and proactively hunting for malicious cyber activity. Gray Tier Technologies performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches. Gray Tier provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. This role provides remote and onsite advanced technical assistance for proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking a Threat Hunters to support this critical customer mission.
RESPONSIBILITIES:
-
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
-
Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
-
Collects network intrusion artifacts (e.g., PCAP, domains, URI's, certificates, etc.) and uses discovered data to enable mitigation of potential incidents
-
Collects network device integrity data and analyze for signs of tampering or compromise
-
Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, effects on system and information
-
Tracking and documenting on-site incident response activities and providing updates to leadership through executive summaries and in-depth technical reports
-
Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer related evidence
-
Serving as technical forensics liaison to stakeholders and explaining investigation details
REQUIRED SKILLS:
-
U.S. Citizenship
-
Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability
-
8+ years of directly relevant experience in cyber forensic and network investigations using leading edge technologies and industry standard forensic tools
-
Experience with reconstructing a malicious attack or activity
-
Ability to characterize and analyze network traffic, identify anomalous activity / potential threats, analyze anomalies in network traffic using metadata
-
Ability to create forensically sound duplicates of evidence (forensic images)
-
Able to write cyber investigative reports documenting forensics findings
-
In depth knowledge and experience of:
identifying different classes and characterization of attacks and attack stages
CND policies, procedures and regulations
proactive analysis of systems and networks, to include creating trust levels of critical resources
system and application security threats and vulnerabilities
of network topologies, Wi-Fi Networking, and TCP/IP protocols
Splunk (or other SIEMs)
Vulnerability scanning, assessment and monitoring tools such as Security Center, Nessus, and Endgame
MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Must be able to work collaboratively across physical locations.
DESIRED SKILLS:
- Experience and proficiency with the following tools and techniques:
EnCase, FTK, SIFT, X-Ways, Volatility, WireShark, Sleuth Kit/Autopsy, and Snort
EDR Tools: Crowdstrike, Carbon Black, Etc
Carving and extracting information from PCAP data
Non-traditional network traffic: Command and Control
Preserving evidence integrity according to national standards
Designing cyber security systems and environments in a Linux environment
Virtualized environments
Conducting all-source research
REQUIRED EDUCATION:
8+ years of experience and BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics or network forensic experience
DESIRED CERTIFICATIONS:
- GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA
Requires expert or mastery level knowledge of work area, typically obtained through advanced education combined with experience.
May have deep knowledge of project management. Advanced knowledge of related disciplines within work area and ability to identify links and potential impact on projects, programs or systems.
TYPICALLY REQUIRES:
A University Degree or equivalent experience and minimum 10 years prior relevant experience, or An Advanced Degree in a related field and minimum 7 years experience Engineering/Other Technical Positions: Typically requires a degree in Science, Technology, Engineering or Mathematics (STEM) and a minimum of 10 years of prior relevant experience unless prohibited by local laws/regulations.
-
Lead Cyber Threat Hunter
3 days ago
Arlington, United States Tyto Athene, LLC Full timeTyto Athene is searching for a Lead Cyber Threat Hunter to support our customer in Arlington, Virginia.Responsibilities:Actively hunt for Indicators of Compromise (IOC) and threat actor Tactics, Techniques, and Procedures (TTP) in the network and the host as necessarySearch network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt...
-
Enterprise Threat Hunter
5 days ago
Arlington, Virginia, United States PassionHR Full time**Job Description:** Enterprise Threat HunterWe are seeking a highly skilled enterprise threat hunter to lead investigations, assess the severity of breaches, develop effective mitigation plans, and assist in restoring services.This role requires expertise in cyber incident management and cybersecurity operations, with a proactive approach to safeguarding...
-
Cybersecurity Threat Hunter
3 days ago
Arlington, Virginia, United States Solutions3 Full timeCybersecurity Threat HunterSolutions3 LLC is a premier provider of advanced technical assistance and cybersecurity services to the U.S. Government. We are currently seeking a skilled Cybersecurity Threat Hunter to support our mission critical development and sustainment program for incident response to Government agencies and critical infrastructure owners...
-
Advanced Cyber Security Specialist
3 days ago
Arlington, Virginia, United States Gray Tier Technologies LLC Full timeJob Title: Cyber Threat Hunter SMEWe are looking for a highly skilled Cyber Threat Hunter SME to join our team at Gray Tier Technologies LLC.About the Company:Gray Tier Technologies LLC is a leading provider of cybersecurity services, supporting The Department of Homeland Security (DHS) Hunt and Incident Response Team (HIRT). We provide expert-level...
-
Senior Cyber Threat Analyst for Network Security
3 weeks ago
Arlington, Virginia, United States Argo Cyber Systems Full timeJob OverviewWe are seeking a highly skilled Cyber Threat Analyst to join our team at Argo Cyber Systems.About the RoleThis is an exciting opportunity for a motivated and detail-oriented individual to contribute to our mission of providing advanced technical assistance and cybersecurity analysis capabilities.The ideal candidate will have 5+ years of...
-
Advanced Threat Hunter
3 days ago
Arlington, Virginia, United States ANALYGENCE Inc Full timeAbout ANALYGENCE IncWe are seeking a highly skilled Cyber Vulnerability Assessment Analyst (SME) to join our team. As a SME, you will be responsible for supporting our federal customer in enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure.This role requires strong leadership skills, as you will be...
-
Arlington, Virginia, United States SiloSmashers Full timeAbout the RoleWe are seeking a skilled Cybersecurity Threat Hunter III to support CISA in strengthening their security posture and improving incident response capabilities.Key Responsibilities:Continuously detect, analyze, and combat advanced cyber threats to stay ahead of evolving cyber threats.Develop a proactive security approach by identifying...
-
Cyber Vulnerability Assessment Analyst
3 weeks ago
Arlington, United States ANALYGENCE Inc Full timeDescription ANALYGENCE is seeking an experienced Cyber Vulnerability Assessment Analyst (SME) to supportour federal customer who plays a key role in enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure. This role directly supports the customer Mission Engineering (ME) Information Security Branch (ISB)...
-
Cybersecurity Threat Hunter II
3 weeks ago
Arlington, Virginia, United States SiloSmashers Full timeJob OverviewSiloSmashers is seeking an Offensive Security Operations (OffSecOps) professional to collaborate with CISA in enhancing their security posture, improving incident response capabilities, and staying ahead of evolving cyber threats.Key ResponsibilitiesDetecting and analyzing advanced cyber threats to identify vulnerabilities and weaknesses within...
-
Cybersecurity Threat Manager
2 weeks ago
Arlington, Virginia, United States Argo Cyber Systems Full timeAt Argo Cyber Systems, we're supporting a U.S. Government customer to provide onsite incident response to civilian Government agencies and critical asset owners experiencing cyber-attacks.We're seeking a highly skilled Cybersecurity Threat Manager to join our team and support this critical mission.Responsibilities:Correlate incident data to identify specific...
-
Cybersecurity Threat Intelligence Analyst
2 weeks ago
Arlington, Virginia, United States Argo Cyber Systems Full timeJob OverviewAt Argo Cyber Systems, we are seeking a highly skilled Cyber Network Defense Analyst (CNDA) to join our team. This critical role involves monitoring network activity, analyzing it for evidence of suspicious behavior, and identifying potential threats to information systems and networks.
-
Cyber Security Strategist
3 days ago
Arlington, Virginia, United States ANALYGENCE Inc Full timeJob SummaryANALYGENCE Inc is seeking an experienced Cyber Vulnerability Assessment Analyst (SME) to support our federal customer who plays a key role in enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure. This role directly supports the customer Mission Engineering (ME) Information Security Branch...
-
Cyber Threat Detection Specialist
3 weeks ago
Arlington, Virginia, United States Center for Internet Security Full timeJob Overview:At the Center for Internet Security, we are seeking a highly skilled Cyber Threat Detection Analyst to join our team. As a Cyber Threat Detection Analyst, you will be responsible for providing comprehensive reviews of security events affecting State, Local, Tribal, and Territorial (SLTT) governments through methods including network and...
-
Cyber Forensic Investigator
3 weeks ago
Arlington, Virginia, United States Argo Cyber Systems Full timeArgo Cyber Systems, a key partner to the Department of Homeland Security's Hunt and Incident Response Team (HIRT), seeks a skilled Cyber Forensic Investigator to support their critical customer mission.The ideal candidate will have 8+ years of experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools....
-
Cyber Threat Intelligence Analyst
3 days ago
Arlington, Virginia, United States Center for Internet Security Full timeJob SummaryCyber Threat Intelligence Analyst - TS/SCI RequiredArlington, VA.The Center for Internet Security is seeking a Cyber Threat Intelligence Analyst to join our team. As a member of the CIS Security Operations Center (SOC), you will be responsible for providing comprehensive review of security events affecting SLTT governments through methods...
-
Cyber Defense Analyst
3 weeks ago
Arlington, Virginia, United States Argo Cyber Systems Full timeWe are seeking a skilled Cyber Defense Analyst to join our team at Argo Cyber Systems. This critical role involves monitoring network activity, analyzing traffic for suspicious behavior, and identifying potential threats to network resources.The ideal candidate will have 5+ years of direct relevant experience in cyber defense analysis using leading-edge...
-
Cyber Threat Response Specialist
3 days ago
Arlington, Virginia, United States ICF Full timeAbout the RoleWe're seeking a skilled Cyber Operations Specialist to join our team at ICF. As a Cyber Operations Specialist, you will support process development and internal operational coordination across our cybersecurity elements.Key Responsibilities:• Develop and implement effective procedures and processes to ensure the security and resilience of...
-
Host Based Cyber Systems Analyst IV
3 weeks ago
Arlington, United States Argo Cyber Systems Full timeThe DHS's Hunt and Incident Response Team (HIRT) secures the Nation's cyber and communications infrastructure. HIRT provides DHS's front line response for cyber incidents and proactively hunting for malicious cyber activity. Argo Cyber Systems is a key partner to DHS, and performs HIRT investigations to develop a preliminary diagnosis of the severity of...
-
Host Based Cyber Systems Analyst IV
3 weeks ago
Arlington, United States Argo Cyber Systems Full timeThe DHS's Hunt and Incident Response Team (HIRT) secures the Nation's cyber and communications infrastructure. HIRT provides DHS's front line response for cyber incidents and proactively hunting for malicious cyber activity. Argo Cyber Systems is a key partner to DHS, and performs HIRT investigations to develop a preliminary diagnosis of the severity of...
-
Advanced Threat Hunter
18 hours ago
Arlington, Virginia, United States Tyto Athene, LLC Full timeThreat Hunting EngineerWe are seeking a highly skilled Threat Hunting Engineer to join our team at Tyto Athene, LLC in Arlington, Virginia. As a key member of our security operations center (SOC), you will play a critical role in detecting and responding to advanced threats.Job Responsibilities:Develop and implement threat hunting plans: Develop and...