Cyber Hunt Level II
Description:
What You'll Get to Do:
Our client is hiring a new member to our Cyber Security Hunt Services team. This role will proactively search for indicators of compromise on NGA systems through planned Hunt missions.
Assign the Cybersecurity Operations Manager to direct and oversee all Contractor support for this sub-service and serve as the primary Contractor representative to the government CSOC Director for coordination, collaboration, planning, communication, status updates, and necessary approvals of all actions in support of this sub-service
Operate as an end user, the relevant Technical Services assets contained within the Government Furnished Information - Software Tools list by vendor instructions, industry best practices, government directives, policies, procedures, etc.
Provide subject matter experts capable of conducting a deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services
Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools
More About the Role:
Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools.
Assess data from multiple sources and navigate the cyber terrain to identify suspicious behavior.
Obtain data for validating predictive models generated by advanced analytics.
Augment identification and tracking of incidents.
Create, update, and document tickets in the authorized ticketing system to initiate the incident response process for any incidents discovered during the continuous hunt; tickets shall contain sufficient information to meet the equivalent ticket created via Tier 1 and Tier 2 and shall include a level of detail.
sufficient to enable the Government and other contract services to systematically reconstruct the analysis and methodology and any conclusions reached.
Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
Proactively investigate anomalous behavior which is indicative of malicious behavior but has not yet met the event/incident threshold and/or has not been detected by automated security tools
Assessing and validating predictive models as provided by other services to locate potential adversary intrusions and unauthorized activity.
Other duties as assigned
You'll Bring These Qualifications:
Current TS/SCI and must obtain a CI Poly within 6 months of Start
Bachelor's Degree in a Technical Field
5+ years' experience working in related Cyber areas.
Current Security+ CERT to start work on the program; however, will need to obtain IAT Level III and CSSP Analyst Certification within six (6) months of your start date. These Qualifications Would be Nice to Have:
Master's Degree