Leidos - Ashburn, VA
posted 24 days ago
Full-time - Senior
Ashburn, VA
10,001+ employees
Professional, Scientific, and Technical Services
About the position
The Senior Cyber Threat Hunt Analyst plays a critical role in the U.S. Department of Homeland Security's Customs and Border Protection Security Operations Center. This position is responsible for preventing, identifying, containing, and eradicating cyber threats to CBP networks. The analyst will utilize threat intelligence, develop threat models, and lead threat hunt missions to enhance the cybersecurity posture of the organization. The role requires a comprehensive understanding of the cyber threat landscape and the ability to communicate findings effectively to stakeholders.
Responsibilities
- Create Threat Models to understand the DHS IT Enterprise and identify defensive gaps.
- Author, update, and maintain SOPs, playbooks, and work instructions.
- Utilize Threat Intelligence and Threat Models to create threat hypotheses.
- Plan and scope Threat Hunt Missions to verify threat hypotheses.
- Proactively search through systems and networks to detect advanced threats.
- Analyze host, network, and application logs, as well as malware and code.
- Prepare and report risk analysis and threat findings to stakeholders.
- Lead cyber threat hunt missions with minimal supervision and recommend best practices.
- Develop scripts to support cyber threat detection in various formats.
- Conduct cyber threat analysis and develop actionable intelligence.
- Create and recommend new security content based on hunt missions.
- Coordinate with teams to improve threat detection and response.
- Identify and investigate high priority threat campaigns and malicious actors.
- Maintain a comprehensive understanding of the cyber threat landscape.
Requirements
- 4+ years of experience with host-based and network-based security monitoring.
- Experience developing scripts in VB, Python, C++, HTML, XML, or similar formats.
- Ability to work independently with minimal direction.
- Bachelor's Degree and 8-12 years of relevant experience.
Nice-to-haves
- 5+ years of hands-on experience in cybersecurity monitoring.
- Understanding of complex Enterprise networks including routing and firewalls.
- Experience planning and executing threat hunt missions.
- In-depth knowledge of common networking protocols (HTTP, DNS, SMB).
- Expertise in network and host-based analysis.
- Previous DOD, IC, or Law Enforcement Intelligence experience.
- Knowledge of Structured Analytic Techniques.
- Advanced Degree in Cyber Security or related field.
- Familiarity with Windows and Linux systems.
- Proficient with scripting languages like Python or PowerShell.
- Familiarity with Splunk SPL or Elastic DSL.
Benefits
- Competitive compensation
- Health and Wellness programs
- Life Protection
- Paid Leave
- Retirement plans
