Lead Cyber Threat Hunter

job
  • Tyto Athene, LLC
Job Summary
Location
Arlington, VA 22201
Job Type
Contract
Visa
Any Valid Visa
Salary
PayRate
Qualification
BCA
Experience
2Years - 10Years
Posted
23 Jan 2025
Job Description

Tyto Athene is searching for a Lead Cyber Threat Hunter to support our customer in Arlington, Virginia.
Responsibilities:

  • Actively hunt for Indicators of Compromise (IOC) and threat actor Tactics, Techniques, and Procedures (TTP) in the network and the host as necessary
  • Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)
  • Create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate teams
  • Collaborate with the SOC and Threat Analysts to contain and investigate major incidents
  • Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
  • Work with leadership and the engineering team to improve and expand available toolsets
  • Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture
  • Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs
Required:

  • Bachelor’s degree in Computer Science, Information Technology, or a related field and 8 years of relevant experience, or a Master’s degree and 4 years
  • Experience with securing and hardening IT infrastructure
  • Demonstrated or advanced experience with computer networking and operating systems
  • Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
  • Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell
  • Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
  • Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies
  • Knowledge of Windows and Linux operating systems and their command lines
  • Ability to analyze malware, extract indicators, and create signatures in Yara and Snort
  • Strong analytical skills and the ability to effectively research, write, communicate, and brief audiences at varying levels, including the executive level
  • Knowledge related to the current state of cyber adversary tactics and trends
  • Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
  • Knowledge of the TCP/IP networking stack and network IDS technologies
Desired:

  • Previous experience working as a cyber threat hunter
  • Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis
  • Experience with major cloud service provider offerings
  • Knowledge of offensive security tools and techniques
Clearance: Active Secret clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.