Anyone with interest in joining our Cyber Hunt team in OAHU, HI should contact me soonest... these seats won't likely be open long. We're seeking those with the following:
Performs cyber intelligence gathering and threat analysis of threats, including nation-state sponsored threats for a large organization. Actively provides in-depth incident analysis. Evaluates security incidents and performs research. Monitors, analyzes and correlates network traffic utilizing the latest in security tools and technology. Reviews threat data from various sources; coordinates with federal leadership, as well as government agencies to provide reporting and situational awareness.
- Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation and databases produced by the U.S. Government (USG), Department of Defense (DoD) and Intelligence Community (IC).
- Conducts research on emerging security threats; provides correlation and trending of cyber incident activity.
- Maintains knowledge of adversary activities, including intrusion set tactics, techniques and procedures (TTP).
- Maintains Situational Awareness and reports on advanced threats, including Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
- Communicates events to agencies regarding intrusions and compromises to network infrastructure, applications and operating systems; assists with implementation of counter-measures and mitigating controls.
- Analyzes relevant cyber security event data for attack indicators and breaches that may yield detection/prevention content.
- Prepares cyber threat assessments based on threat analysis, coordinates cyber threat tracking with other organizations and the government; assists in developing reports, briefings and assessments to facilitate the understanding of cyber threats.
- Provides expert quality network traffic (PCAP) and Net Flow analysis.
- Experience with multiple programming languages.
- Experience in software reverse engineering or software development.
- In-depth knowledge of IDA Pro/Debuggers.
- In-depth knowledge of dynamic /static malware analysis and memory analysis.
- In-depth knowledge of Windows Operating System Internals (Kernel, Registry, File System, Windows APIs).
- Supports SOC analysis and incident response as needed.
- Creates and maintains Standard Operating Procedures and other documentation as needed.
A qualified candidate should also have excellent analytical and problem-solving skills as well as interpersonal skills to interact with customers, team members and upper management; skilled in Incident Response and network security monitoring. Strong writing skills highly desired. Technically proficient in network communication using TCP/IP protocols, with system administration knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch). Knowledgeable of Windows, Linux and Cisco operating systems, networking, and information security; experience with EnCase, Splunk, McAfee NSM, Fidelis, and SourceFire is desirable.
***Obtain and maintain compliance with applicable DoD 8570.01-M requirements. Cyber threat analyst support requires at least IAT Level II and CND Analyst certifications.
Apr 15th 2016