Cybersecurity Threat Hunter
1 week ago
At Nightwing, we are a leading provider of full-spectrum cyber, data operations, systems integration, and intelligence support services to the U.S. government. With a rich history of delivering technically advanced solutions, we are committed to shaping the future of cybersecurity and intelligence.
Job Summary
We are seeking a highly skilled Cybersecurity Threat Hunter to join our team. As a Cybersecurity Threat Hunter, you will be responsible for identifying and mitigating cyber threats to our customers' networks and systems.
Key Responsibilities
- Acquire and collect computer artifacts in support of onsite engagements
- Triage electronic devices and assess evidentiary value
- Correlate forensic findings to network events in support of developing an intrusion narrative
- Collect and document system state information prior to imaging, as required
- Perform forensic triage of an incident to include determining scope, urgency, and potential impact
- Track and document forensic analysis from initial participation through resolution
- Collect, process, preserve, analyze, and present computer-related evidence
- Coordinate with Government staff and customer personnel to validate/investigate alerts or additional preliminary findings
- Conduct analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written products
- Evaluate, extract, and analyze suspected malicious code
- Assist in documenting and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Coordinate with enterprise-wide cyber defense staff to validate network alerts
- Perform management duties as required to support the team, projects, and analysts
- Document and escalate incidents, including event history, status, and potential impact for further action
- Perform cyber defense trend analysis and reporting
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Provide daily summary reports of network events and activity relevant to cyber defense practices
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of alerts
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information
- Identify and analyze anomalies in network traffic using metadata
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
- Identify applications and operating systems of a network device based on network traffic
- Reconstruct a malicious attack or activity based on network traffic
- Identify network mapping and operating system (OS) fingerprinting activities
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 8+ years of direct relevant experience in cyber defense analysis using leading edge technologies and industry standard cyber defense tools
- Ability to create forensically sound duplicates of evidence (forensic images)
- Ability to author cyber investigative reports documenting digital forensics findings
- Proficiency with analysis and characterization of cyber attacks
- Skilled in identifying different classes of attacks and attack stages
- Understanding of system and application security threats and vulnerabilities
- Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources
- Able to work collaboratively across physical locations
- Action-oriented, with a proactive approach to problem solving
- Proficiency with common operating systems (e.g., Linux/Unix, Windows)
- Understanding of SaaS, PaaS, and IaaS in the Cloud Environment
- Proficiency with one or more of the following EDR Tools: CrowdStrike, SentinelOne, Cortex, Microsoft MDE, or Trellix
- Proficiency with two or more of the following tools: Host forensics software (EnCase, FTK, X-Ways, Sleuth Kit/Autopsy), SIFT, Volatility, KAPE, Wireshark, Splunk
- Proficiency conducting all-source research
BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10 years of network investigations experience
Desired Certifications
- GCFE, GCFA, GCLD, GCPS, GCPN, GWEB, GIRD, GREM, GNFA, GCIH, GCIA, GSEC
- Kubernetes Security Specialist, Microsoft 365 Certifications, Microsoft Azure Certifications, AWS Certifications, SANS Cloud Courses (SEC541, SEC584, SEC588) and Certifications GSEC (SANS401), Network+, Security+