Enterprise - Cyber Hunt Analyst - SQL, PowerBI, Splunk

About The Position

Requirements

• Five plus (5+) years of experience in cyber security operations related fields with Bachelor's in information technology, Cyber Security or related field; Three (3) years relevant experience with Masters in related field; or High School Diploma or equivalent and nine (9) years relevant experience.
• Experience with the DoD customers, ideally supporting US Cyber Command, USMC, DISA or DCDC
• Proficient in various query languages (SQL, KQL (Kusto))
• Proficient in Python and bonus for strong experience using Jupyter notebooks
• Experience with dashboarding/visualizations (Power-BI, Superset)
• Familiarity with cloud providers and environments (Azure, AWS, Google Cloud Platform)
• Desire to grow professional and personally
• Ability to complete technical tasks without supervision
• Ability to foster and support a collaborative working environment
• Excellent public speaking, presentation, and customer service skills
• Positive and energetic attitude
• Critical thinking and natural curiosity for all things cybersecurity
• Cyber Hunt methodologies and techniques
• SIEMs - (e.g., Splunk, Q-Radar, ELK)
• SOARs (e.g., Sentinel, CORTEX, X-SOAR)
• Developing and deploying threat detection signatures
• Detecting host and network-based intrusions
• Collecting data from a variety of cyber defense resources. (e.g., CVE, OSINT)
• Recognizing and categorizing types of vulnerabilities and associated attacks
• Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YAML)
• Cyber defense and vulnerability assessment tools and their capabilities
• Network traffic analysis methods (e.g.,TCP-DUMP, Wireshark, Bro/Zeek)
• Familiar with cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and incident response and handling methodologies. (e.g., MITRE ATT&CK, LM Killchain)
• Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications
• Must have or ability to obtain within 90 days of hire - Data+, Security+, CySA+, GCIH, GNFA, GCFA or other industry recognized Cybersecurity Certification
• Ability to work a hybrid schedule on customer site in Fort Meade, MD on average 3 days a week. Flexibility is essential to adapt to schedule changes as needed
• A current TS/SCI level security clearance is required.

Nice To Haves

• DoD SOC experience is a plus

Responsibilities

• Conduct threat hunt operations on assigned JCRS-D (Big Data Platforms)
• Present threat hunt findings through live - interactive remote conference sessions
• Perform data analytics across disparate data sets
• Assist customer(s) with their threat hunting operations on location as required
• Perform quality assurance checks on data that is resident on JCRS-D
• Evaluate and analyze new data feeds to determine relevance and usability of data
• Support JCRS-D analytic requests (data search, visualizations, dashboards..etc)
• Provide real time customer support during normal working hours (JCRS-D support chat room)
• Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s)
• Support JCRS-D demonstration requests to showcase various capabilities of the platform
• Support JCRS-D training events either in person or virtually
• Provide advice on data enrichment and functions to enhance customer experience
• Other duties as assigned

Benefits

• Erias Ventures provides a complete package of wealth, health, and happiness benefits.
• Wealth Benefits: Above Market Hourly Pay 11% Roth or Traditional 401k with Immediate Vesting and Deposit Spot Bonuses for Assisting with Business Development and Company Growth Professional Development Bonuses for Certificates and Degrees
• Health Benefits: Company subsidized Medical Coverage 100% Company Paid Vision and Dental Coverage 100% Company Paid Long Term Disability , Short Term Disability , and Group Life Insurance Monthly Wellness Reimbursement
• Happiness Benefits: Paid Time Off with Flexible Work Schedules and Birthday Off Amazon Prime Membership and Monthly Internet Reimbursement Technology and Productivity Allowance for Equipment and Supplies Morale Building and Company Events to Celebrate our Successes and Build our Community Onboarding and Annual Swag Company Paid Professional Development and Training