Contact Us | Falcon IT & Staffing Solutions

Cyber Hunt Threat Analyst

Job Title: Cyber Hunt Threat Analyst
Job ID: 27556867
Location: Chicago, IL

Description
VA CHTA (Cyber Hunt Threat Analyst)

Cyber Threat and Hunt Analyst (CHTA)

Location:  Hines (Chicago area) IL or Martinsburg, WV  

Role: Cyber Threat and Hunt Analyst (CHTA)  

Project: VA Cyber Security Operations Center (CSOC)

Roles and Responsibilities:
- Determine if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation and notify team lead or designate within 15 minutes.
- Review audit logs and identify any unusual or suspect behavior.
- Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks.
- Develop and execute custom scripts to identify host-based indicators of compromise.
- Implement new detection capabilities and improve upon existing security tools.
- Determine scope of intrusion identifying the initial point of access or source.
- Recommend remediation activities to secure the source or initial point of access of intrusion.
- Provide cyber threat intelligence collection & correlation in coordination with a cyber-threat team.
- Provide executive level cyber security strategic recommendations along with security engineering recommendations and custom solutions to counter adversarial activity
- Provide advanced technical capabilities, including Big Data Analytics, and Predictive Intelligence
- Participate as an analyst point of presence during threat intelligence community exchanges
- Provide proactive APT hunting, incident response support, and advanced analytic capabilities
- Profile and track APT actors that pose a threat in coordination with threat intelligence support teams
- Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH)
- Develop analytics to correlate IOCs and maximize threat detection capabilities based off defense analysis processes
- Create and disseminate summary reports, investigation reports, and threat briefs

Basic Qualifications:

- Bachelor’s degree in Computer Science, Information Systems Management, Engineering, or a related field with 5 years of relevant experience OR a Master's degree with 3 years of relevant experience. An additional 4 years of experience may be substituted in lieu of a Bachelor’s degree.
- 2 years of experience performing security assessments against web applications for vulnerabilities, security misconfigurations, and compliance-related concerns
- 2 years of experience with Splunk or a similar tool
- Certification in one of the following: Security+, Network+, VA CSP, CISSP, C|EH (5 years of experience overrides the certification requirement)
- US Citizenship in order to obtain a Veterans Affairs High Security Investigation (VA BI)

Preferred Qualifications:

- Knowledge of VA culture, mission, and IT environment
