- Create Threat Models to better understand the Agency's IT Enterprise, identify defensive gaps, and prioritize mitigations
- Author, update, and maintain SOPs, playbooks, work instructions
- Utilize Threat Intelligence and Threat Models to create threat hypotheses
- Plan and scope Threat Hunt Missions to verify threat hypotheses
- Proactively and iteratively search through systems and networks to detect advanced threats
- Analyze host, network, and application logs in addition to malware and code
- Prepare and report risk analysis and threat findings to appropriate stakeholders
- Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation.
- Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise Basic Qualifications
- Positions at this career level typically require
BS degree or equivalent and 2-4 years of prior relevant experience, or a master's with less than 2 years, in order to operate within the scope contemplated by the level.
- The candidate must currently possess a Top Secret Clearance. In addition to clearance requirement, all CBP personnel must have a current or be able to favorably pass a 5 year background investigation (BI).
- Experience in the areas of incident detection and response, malware analysis, or computer forensics. Required Education/Experience
- Expertise in network and host-based analysis and investigation
- Demonstrated experience planning and executing threat hunt missions
- Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers
- Working knowledge of common (HTTP, DNS, SMB, etc) networking protocols
- Familiar with operation of both Windows and Linux based systems
- Proficient with scripting languages such as Python or PowerShell
- Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
- Demonstrated experience triaging and responding to APT activities.
- Experience working with various technologies and platform such as AWS, Azure, O365, containers, etc.
- Understanding of current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks. Certifications
-
Security Engineer with Security Clearance
1 week ago
Gridiron IT Solutions Ashburn, United StatesGridiron IT is seeking a Security Engineer local to Ashburn, VA with a active DHS CBP Tier 4 Public Trust or equivalent of DoD Secret and up. Gridiron IT is hiring a Security Engineer to support a federal customer located in Ashburn, VA. Two to three days will be working on site ...
-
Base One Technologies Ashburn, United StatesOur Ashburn VA based client is looking for a Splunk Engineer. If you are interested in this opening. Please forward a copy of your updated resume in word format to Work location: Ashburn VA · 222 - Senior Security Engineer (CBP) Must Have One of the Following J3 Certifications Sr ...
-
Cyber Security Engineer with Security Clearance
2 weeks ago
Base One Technologies Ashburn, United StatesWork location: Ashburn VA · 222 – Senior Security Engineer Must Have One of the Following J3 Certifications Sr. Security Engineer: · CompTIA Advanced Security Practitioner (CASP) · GCIH – Incident Handler · GCWN – Windows Security Administrator · GISF – Security Fundamentals · GI ...
-
Intern - Cyber Security with Security Clearance
3 weeks ago
Telos Corporation Ashburn, VA, United StatesThe most security-conscious organizations trust Telos Corporation to protect their vital IT assets · The reputation of our company rests on the quality of our solutions and the integrity of our people · Explore what you can bring to our solutions in the areas of cyber, cloud and ...
-
Detection Engineer with Security Clearance
1 week ago
Base One Technologies Ashburn, United StatesRequired Education/Experience · BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on cyber security or Masters with 6 years of prior relevant experience. Should have 5 years of experience serving as a digita ...
-
Cloud Architect with Security Clearance
3 weeks ago
Booz Allen Hamilton Ashburn, United StatesJob Number: R Cloud Architect · The Opportunity: Everyone is trying to "harness the cloud," but not everyone knows how. As a cloud computing application architect, you know how to create a cloud-based technical architecture that meets client needs and takes advantage of cloud cap ...
-
Project Manager with Security Clearance
3 weeks ago
Agile Defense, Inc. Ashburn, VA, United StatesAt Agile Defense we know that action defines the outcome and new challenges require new solutions · That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next · Our vision is to bring adaptive innovation to sup ...
-
Detection Engineer with Security Clearance
1 week ago
Base One Technologies Ashburn, United StatesOur Ashburn VA based client is looking for a Detection Engineer. If you are qualified for this position. Please email me your updated resume in word format to Work location: Ashburn VA Detection Engineer · Primary Responsibilities · • Identify gaps in malicious activity detection ...
-
Penetration Tester with Security Clearance
2 weeks ago
Anonymous Employer Ashburn, United StatesPrimary Responsibilities · • Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies. · • Perform web app pentests · • Perform vulnerability risk assessment · • Perform physical pentests and social engineering · • Perform ...
-
Splunk Engineer with Security Clearance
3 weeks ago
Agile Defense, Inc. Ashburn, United StatesAt Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next. Our vision is to bring adaptive innovation to suppo ...
-
Penetration Tester with Security Clearance
2 weeks ago
Base One Technologies Ashburn, United StatesPrimary Responsibilities · Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies. · Perform web app pentests · Perform vulnerability risk assessment · Perform physical pentests and social engineering · Perform cyber inc ...
-
Penetration Tester with Security Clearance
3 weeks ago
Leidos Ashburn, United StatesYou will need to login · before you can apply for a job. · Penetration Tester with Security Clearance · R– Description The Leidos Digital Modernization Team is seeking a Penetration Tester to join the Enterprise Security Operations Center team. The Department of Homeland Securi ...
-
Test Engineer with Security Clearance
4 weeks ago
CACI Ashburn, United StatesTest Engineer Job Category: Engineering Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Local * * * What You'll Get to Do CACI's Agile Solution Factory (ASF) is hiring an experienced ...
-
DevOps Lead with Security Clearance
3 weeks ago
Booz Allen Hamilton Ashburn, United StatesJob Number: R DevOps Lead · The Opportunity: · As a DevOps engineer, you know how to set up cloud environments and provision computer networking, storage, and virtual networks-ultimately, how to "harness the cloud." We're looking for a seasoned DevOps infrastructure engineer like ...
-
Penetration Tester with Security Clearance
3 weeks ago
Agile Defense, Inc. Ashburn, United StatesAt Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next. Our vision is to bring adaptive innovation to suppo ...
-
Test Engineer with Security Clearance
3 weeks ago
CACI Ashburn, United StatesTest Engineer Job Category: Engineering Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Local * * * What You'll Get to Do CACI's Agile Solution Factory (ASF) is hiring an experienced ...
-
Program Manager with Security Clearance
3 weeks ago
Agile Defense, Inc. Ashburn, United StatesAt Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next. Our vision is to bring adaptive innovation to suppo ...
-
Leidos Ashburn, VA, United StatesR Description Job Description The Leidos Digital Modernization Team is seeking a SOC Metrics Analyst to support a highly visible fast paced contract · The Security Operations Center (SOC) Metrics Analyst will work directly with the Cybersecurity Operations Manager and the custome ...
-
Technical Recruiter with Security Clearance
1 week ago
HiTek Staffing LLC Ashburn, United StatesTechnical recruiter who identify, recruit, and screen candidates for technical positions within an organization. They work with hiring managers to set technical requirements, and are responsible for: · Sourcing: Finding and screening qualified candidates · Interviewing: Gathering ...
-
Capture Manager with Security Clearance
1 week ago
HiTek Staffing LLC Ashburn, United StatesA federal capture manager's job is to strategically plan and execute capture efforts, and manage resources, schedules, and costs. They also collaborate with other functional groups to develop strategies for technical, management, and pricing. Capture managers work in sales develo ...
Threat Hunt Analyst with Security Clearance - Ashburn, United States - Base One Technologies
Description
Threat Hunt Analyst MidPrimary Responsibilities
BS degree or equivalent and 2-4 years of prior relevant experience, or a master's with less than 2 years, in order to operate within the scope contemplated by the level.
Preferred QualificationsCCNA Security
CCNP Security
CEH – Certified Ethical Hacker
CHFI – Computer Hacking Forensic Investigator
CISSP – Certified Information Systems Security
ECES – EC-Council Certified Encryption Specialist
ECIH – EC-Council Certified Incident Handler
ECSA – EC-Council Certified Security Analyst
ECSS – EC-Council Certified Security Specialist
EnCE
ENSA – EC-Council Network Security Administrator
GCFA – Forensic Analyst
GCFE – Forensic Examiner
GCIH – Incident Handler
GISF – Security Fundamentals
GNFA – Network Forensic Analyst
GREM – Reverse Engineering Malware
GWEB – Web Application Defender
GXPN – Exploit Researcher and Advanced Penetration Tester
LPT – Licensed Penetration Tester
OSCE (Certified Expert)
OSCP (Certified Professional)
OSEE (Exploitation Expert)
OSWP (Wireless Professional)
CIRC
FIWE
WFE-E-CI
FTK-WFE-FTK Preferred Qualifications
SANS GCIA (GIAC Certified Intrustion Analyst)
SANS GNFA (GIAC Network Forensic Analyst)
SANS GWAPT (GIAC Web Application Pentester)
SANS GPEN (GIAC Penetration Tester)
Offensive Security Certified Professional (OSCP)
