Cyber Threat Hunt Lead

TekSynap•Ashburn, VA

6d•Onsite

About The Position

We are seeking an experienced Cyber Threat Hunt Lead in support of a government customer to join our team to provide Security Operations Support (SOC) Services to a government agency whose mission is to protect our Nation’s borders from terrorist attacks, to provide law enforcement for over forty (40) Federal agencies, and to protect the revenue of the United States while facilitating trade. The SOC is a single point of management and reporting for information security incidents. The SOC exists to prevent, identify, contain, and eradicate cyber threats to networks through monitoring, intrusion detection, and protective security services to information systems, including local area networks / wide area networks (LAN / WAN), commercial Internet connection, public facing websites, wireless, mobile / cellular, cloud, security devices, servers, and workstations. The SOC is responsible for the overall security of Enterprise-wide information systems and collects, investigates, and reports any suspected and confirmed security violations. TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at www.TekSynap.com . Apply now to explore jobs with us! By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". "As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration" .

Requirements

A minimum of five (5) years of hands-on experience with experience in the last two (2) years that includes network-based security monitoring using cybersecurity capabilities.
Possess a strong cyber security background with experience in: host and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, malware identification, and security content development (e.g., signatures, rules, etc.)
Experience interpreting scripts to support cyber threat detection in a variety of formats, such as VB scripts, Python, C++, and HTML, XML or other types needed for analysis.
Experience in conducting cyber threat hunt analysis, utilizing cyber threat intelligence to identify and prioritize tactics, techniques, and procedures to hunt against.
Deep knowledge of capabilities and experience with security information and event management (SIEM) and networked-device management tools such as Splunk and Tanium.
Experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization’s IT operating environment.
Clearance requirement: Top Secret (SCI eligible)
A minimum of five (5) years of experience as a Tier III senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal.
Bachelor’s of Science in computer engineering, computer science, IT or cyber security preferred (or 5 years of relevant work experience in lieu of a degree)
Certified Ethical Hacker (CEH) or one of the following: DoD 8570 IAT Level II or IAM Level I or CSSP Analyst / Incident Responder

Nice To Haves

Experience with cloud- based security technologies, architecture, and computing and searching, monitoring, and analyzing machine-generated big data is preferred.

Responsibilities

Work with the Cyber Threat Intelligence team to report significant findings of importance to leadership as well as coordinate with asset owners to deconflict findings.
Lead the Cyber Threat Hunt team to propose corrective actions and inform the necessary parties of security issues, reportable offenses, or cybersecurity best practices.
Assist Cyber Threat Hunt (CTH) with prioritizing cyber threat actor tactics, techniques, and procedures (TTPs), based on recent and relevant threat intelligence reporting.
Provide Cyber Threat Hunting support. This support includes threat modeling, proactively searching for malicious activity, developing risk analysis reports, creating formalized reports to inform stakeholders and situational awareness.
Assist with development of SOPs, playbooks, work instructions, and other procedures and processes to mature Threat Hunt capabilities.
Assist with preparation of hunt missions by analyzing data / information, consolidating Threat Intelligence, and identifying production requirements.
Proactively and iteratively conduct threat hunting efforts against networks, systems, and high value assets to detect and isolate advanced threats that evade automated security systems (i.e., EDR, IDS, AV).