Cyber Threat Hunter (Active Secret Clearance Required)

Expired Job

General Dynamics Information Technology Rosslyn, VA 22209

Posted 4 months ago

Program Description: Serves as a Cyber Threat Hunter and Researcher in support of a major federal client. This organization provides services that analyze and produce enhanced cyber security and threat intelligence information to include threats and potential threats to the customer's information and information systems; provides timely and relevant technical analysis to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for the delivery of written and oral briefings to stakeholders and community partners across the Foreign Affairs community.

Functional Duties:

The Cyber Threat Hunter and Researcher will support the customer's overall cyber threat analysis efforts. Performs advanced analysis of adversary tradecraft, malicious code, and Advanced Persistent Threat capabilities. Analyzes computer, communication, and network security events and exploits to determine security vulnerabilities and recommend remedial actions. Conducts forensic, malicious code, and packet-level analyses to develop comprehensive technical reports stepping through complete reverse engineering of incidents. Recommends countermeasures based on the identified techniques, tactics, procedures, and behavior patterns used by adversaries. This role is also responsible for developing alert criteria to improve incident response capabilities, and contributes to the development, writing, and reviewing of SOPs.

Candidate should possess experience with and knowledge of cyber threat and/or intelligence analysis. Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.

Qualifications:

Candidates MUST possess an active secret clearance and be eligible to obtain a Top Secret.

Education:

  • A Bachelor's Degree in Computer Science, Information Systems, Engineering, Telecommunications, or other related scientific or technical discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree.

Certifications Desired: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), Certified Ethical Hacker (CEH), EnCase Certified Examiner (EnCE)

General Experience: 3-5 years of experience in advanced technical analysis with increasing responsibilities. Demonstrated oral and written communications skills.

  • Good working knowledge of cyber threat analytics

  • Previous experience working in cross functional and interdisciplinary project teams to achieve tactical and strategic objectives

  • Proven ability to document and teach team members how to apply advanced analytic techniques to solve complex problems

  • Solid understanding of enterprise IT cybersecurity operational environments

Specialized Experience:

  • Three years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in a similar skill in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skill

  • Two years of experience in intelligence or technical analysis with a focus on cyber threat analysis.

  • Experience analyzing emerging technologies for potential attack vectors and developing mitigation strategies

  • Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs

  • Experience with gathering open-source and controlled intelligence to develop predictive understanding of adversarial strategies, priorities, and overlapping interests

  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools

  • Experience writing contract deliverables such as Event Bulletins, Cyber Digests, and Quarterly Summary Reports.

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Post date: September 5, 2018

Location: Rosslyn, VA, United States

CSRA

Similar Jobs

Cyber Security Engineer (Blue/Red Team) With Secret Clearance

Csra Inc.

Posted 4 weeks ago

Primary Location: Rosslyn, VA, United States

Job Requisition: RQ28839

Category: Information Technology

Responsibilities:

  • Leading enterprise efforts on risk assessment, detailed technical recommendations and coordination of remediation and mitigation strategies.

  • Preparing reports and conducting briefings for senior leadership related to routine and high profile vulnerability analysis.

  • Developing and performing high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, policy compliance and vulnerability analysis of the overall enterprise security posture.

  • Communicating recommendations to the responsible parties, and engaging in both tracking and verification of their remediation efforts.

  • Continually analyzing available security information, including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information, threat reporting, OIG reporting, and other intelligence information to update and assess the status of an organization's cyber security posture.

  • Assisting in the analysis, selection, implementation, and/or development of enterprise security tools.

  • Interfacing with vendor support teams to keep abreast of developments within products currently in use.

  • Documenting team processes for use in internal Standard Operating Procedures (SOPs), and other on-the-shelf documentation of processes for future team reference.

  • Building working relationships to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements.

  • Both formulating new and adjusting existing information security metrics for the purpose of analysis and greater enterprise security posture awareness.

  • Consultation and support to other parties concerning Computer Network Defense (CND), often on an ad hoc basis, as necessary for the mission.

Required Qualifications:

  • Bachelor's Degree or equivalent years of experience in a relevant field (e.g. Cybersecurity, Information Technology, or Computer Science).

  • Minimum five (5) years of experience in information security, information technology, or related field.

  • Proficiency in traditional Blue Team or Red Team network security activities.

  • Experience developing goals, processes and a methodology for effective cyber security assessments.

  • Experience performing manual and automated analysis of systems and networks to identify, assess, and mitigate vulnerabilities to strengthen organizational security posture.

  • Experience performing risk assessments by correlating known vulnerabilities, understanding of the threat environment, and prioritization to mitigate risk to network assets.

  • Effective written and verbal communications skills to prepare and present security assessment results to stakeholders, and to further build relationships with them.

  • Proficiency in Splunk, Tanium, and other enterprise-level data analytics tools.

  • Experience with Windows Desktop, Windows Server and Linux operating systems and system administration, specifically with regard to patching and compliance.

  • Experience with networking hardware (routers, switches, firewalls) and configurations, specifically with regard to patching and compliance.

  • A solid understanding of core networking concepts such as DMZs, subnets, VLANs, private IP addressing and NAT.

  • Active Secret (Minimum) security clearance.

Desired Qualifications:

  • Security+ and/or Network+ certification.

  • Certified Ethical Hacker certification.

  • Certified Information Systems Security Professional (CISSP) certification.

  • 2+ years of experience familiarity with NIST Special Publication 800-53 and CVE (Common Vulnerabilities and Exposures) standards.

  • Experience with project management to ensure stakeholders remain on schedule with patching and policy compliance to improve overall network security posture.

  • Experience in developing and leading remediation/mitigation activities, and building strategies, status updates, and reports on those activities.

  • Active Top Secret security clearance.

Post date: November 6, 2018