Mid-Level Cyber Threat Hunter

About the position

Tyto Athene is seeking a Mid-Level Cyber Threat Hunter to enhance the security posture of our client in Arlington, Virginia. This role involves securing and hardening IT infrastructure, conducting operational security tasks, and utilizing advanced data hunting techniques to identify and mitigate cyber threats. The ideal candidate will possess strong analytical skills and the ability to communicate effectively with various stakeholders, including executive-level audiences.

Responsibilities

• Experience with securing and hardening IT infrastructure
• Demonstrated or advanced experience with computer networking and operating systems
• Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
• Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
• Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies
• Knowledge of Windows and Linux OS' and command line
• Ability to analyze malware, extract indicators, and create signatures in Yara and Snort
• Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level
• Knowledge related to the current state of cyber adversary tactics and trends
• Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
• Knowledge of the TCP/IP networking stack and network IDS technologies

Requirements

• Bachelor's degree in Computer Science, Information Technology, or related field
• 4 years of relevant experience
• Experience with securing and hardening IT infrastructure
• Demonstrated or advanced experience with computer networking and operating systems
• Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
• Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell
• Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
• Familiarity with Netflow data, DNS logs, Proxy Logs
• Experience with network hunting, including Bro Logs, Netflow, PCAP, or PaloAlto firewalls and proxies
• Knowledge of Windows and Linux OS' and command line
• Ability to analyze malware, extract indicators, and create signatures in Yara, Snort, and IOCs
• Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level
• Knowledge related to the current state of cyber adversary tactics and trends
• Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
• Knowledge of the TCP/IP networking stack and network IDS technologies

Nice-to-haves

• Previous experience working as a cyber threat hunter
• Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis
• Experience with major cloud service provider offerings
• Knowledge of offensive security tools and techniques

Benefits

• Opportunities for career growth and development
• Innovative and collaborative work environment
• Mission-focused IT and Cyber services and solutions