Cyber Threat Hunter

$101,400 - $183,300/Yr

Leidos - Ashburn, VA

posted 2 months ago

Full-time - Mid Level
Ashburn, VA
Professional, Scientific, and Technical Services

About the position

The Cyber Threat Hunter position at Leidos involves joining the NOSC Cyber Team to prevent, identify, contain, and eradicate cyber threats to the Department of Homeland Security (DHS) networks. The role focuses on monitoring, intrusion detection, and protective security services for various information systems, including LAN/WAN, cloud, and mobile devices. The ideal candidate is process-driven, curious, and skilled at identifying patterns and anomalies in data.

Responsibilities

  • Create Threat Models to understand the DHS IT Enterprise and identify defensive gaps.
  • Author, update, and maintain SOPs, playbooks, and work instructions.
  • Utilize Threat Intelligence and Threat Models to create threat hypotheses.
  • Plan and scope Threat Hunt Missions to verify threat hypotheses.
  • Proactively search through systems and networks to detect advanced threats.
  • Analyze host, network, and application logs, as well as malware and code.
  • Prepare and report risk analysis and threat findings to stakeholders.
  • Create, recommend, and assist with the development of new security content from hunt missions.
  • Coordinate with different teams to improve threat detection and response.
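The responsibilities above describe a hypothesis-driven hunt loop: start from a threat hypothesis, search the logs to test it, report what was found, and turn the hunt into reusable detection content. The following is an added example (not code from the posting, Leidos, or DHS) of one such loop in Python over constructed DNS query logs. The hypothesis, the thresholds, the log format, and the Splunk index/field names in the SPL sketch are all assumptions made for the example.

```python
"""Hypothesis-driven hunt over constructed DNS query logs (added example).

Assumed hypothesis: a compromised host is tunnelling data over DNS, which
shows up as many unique, long, high-entropy subdomains under one registered
domain, all queried from a single source address.
"""
import math
from collections import defaultdict

# Constructed sample log lines (not real data), format: "<src_ip> <query>".
SAMPLE_LOGS = """\
10.1.1.5 www.example.com
10.1.1.5 mail.example.com
10.1.1.7 a3f9c1d2e47b.tunnel-example.net
10.1.1.7 9b0e77cd1a52.tunnel-example.net
10.1.1.7 c4d81f2e9a07.tunnel-example.net
10.1.1.7 e51a90bb3c6d.tunnel-example.net
10.1.1.7 www.example.com
10.1.1.9 cdn.example.org
10.1.1.9 static.example.org
"""


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s; 0.0 for the empty string."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def split_domain(fqdn: str):
    """Return (subdomain, registered_domain).

    Naive split on the last two labels; a real hunt would use a public-suffix
    list (assumption: fine for the constructed data above).
    """
    labels = fqdn.rstrip(".").lower().split(".")
    if len(labels) <= 2:
        return "", ".".join(labels)
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def parse_logs(text: str):
    """Parse '<src_ip> <query>' lines into (src, query) tuples, skipping blanks/comments."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        src, query = line.split(None, 1)
        records.append((src, query.strip()))
    return records


def hunt_dns_tunnel(records, min_unique=4, min_len=10, min_entropy=3.0):
    """Test the hypothesis: one finding per (src, registered_domain) pair that
    has at least min_unique distinct subdomains whose mean label length and
    mean entropy both exceed the thresholds. Returns a list of findings."""
    buckets = defaultdict(set)
    for src, query in records:
        sub, reg = split_domain(query)
        if sub:
            buckets[(src, reg)].add(sub)
    findings = []
    for (src, reg), subs in sorted(buckets.items()):
        mean_len = sum(len(s) for s in subs) / len(subs)
        mean_ent = sum(shannon_entropy(s) for s in subs) / len(subs)
        if len(subs) >= min_unique and mean_len >= min_len and mean_ent >= min_entropy:
            findings.append({
                "src": src,
                "domain": reg,
                "unique_subdomains": len(subs),
                "mean_label_len": round(mean_len, 2),
                "mean_entropy": round(mean_ent, 2),
            })
    return findings


def to_spl(min_unique=4, min_len=10):
    """Sketch of the same hunt as a Splunk search so it can become scheduled
    detection content. Index, sourcetype and field names are assumptions;
    the entropy check is omitted because base SPL has no entropy function
    (it would need a lookup or macro)."""
    return (
        'index=dns sourcetype=dns:query '
        '| rex field=query "^(?<sub>.+)\\.(?<reg>[^.]+\\.[^.]+)$" '
        '| eval sublen=len(sub) '
        '| stats dc(sub) AS unique_subs avg(sublen) AS mean_len BY src, reg '
        f'| where unique_subs>={min_unique} AND mean_len>={min_len}'
    )


if __name__ == "__main__":
    for f in hunt_dns_tunnel(parse_logs(SAMPLE_LOGS)):
        print("FINDING:", f)
    print("Detection content:", to_spl())
```

The thresholds are the tunable part of the hunt: a first pass on real DNS telemetry will surface CDN and telemetry domains that legitimately generate many long labels, and those go into an allow-list before the search is promoted to a scheduled detection.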

Requirements

  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
  • 8-12 years of experience in incident detection and response, malware analysis, and/or cyber forensics.
  • Active Top Secret Clearance and ability to obtain an Entry on Duty (EOD) clearance.
  • At least 4 years of experience as a SOC Analyst and/or Incident Responder.
  • Ability to work independently with minimal direction.
  • One of the following certifications: CASP+ CE, CCNP-Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP.

Nice-to-haves

  • Expertise in network and host-based analysis and investigation.
  • Experience planning and executing threat hunt missions.
  • Understanding of complex Enterprise networks including routing, switching, firewalls, proxies, and load balancers.
  • Working knowledge of common networking protocols (HTTP, DNS, SMB, etc.).
  • Familiarity with both Windows and Linux systems.
  • Proficient with scripting languages such as Python or PowerShell.
  • Familiarity with Splunk Search Processing Language (SPL) and/or the Elasticsearch Query DSL.
  • Experience triaging and responding to APT activities.
  • Experience with AWS, Azure, O365, containers, etc.
  • Understanding of the current cyber threat landscape and investigation techniques.

Benefits

  • Competitive salary based on experience and qualifications.