Cyber Hunt Analyst (Intermediate) - Huntsville, AL

Job Code: 8024-01
Category: Cyber Security
Location: Alabama - Huntsville
Job Type: Full Time
Education: 4 Year Degree
Travel: 5-15% travel may be required

Job Description:

The successful candidate will be part of a team that supports the development and implementation of cyber engineering strategies and techniques to enhance a system's cyber-resiliency against existing and emerging cyber-threats. The successful candidate will be required to perform hands-on technical analysis of test data and use critical thinking and a broad understanding of different technologies to identify areas susceptible to cyber-attack, based upon provided cyber-threat intelligence. Upon identifying susceptibilities, the candidate will assist in developing recommended improvements to engineering requirements and specifications. The candidate will support development of presentations and reports to document findings, and will require good communication and interpersonal skills to convey findings in a tactful manner and at the technical proficiency of the audience.

Responsibilities include:

  • Capable of providing cybersecurity engineering support on systems, system elements, interfacing systems, components, devices and/or processes for developmental and operational weapon system programs
  • Possess in-depth technical and theoretical knowledge of cyber defensive operations and technologies
  • Analyze cyber-threat intelligence to identify threat-actor Tactics, Tools, and Procedures (TTPs) and apply this knowledge to system architectures to determine the likelihood and impact of TTP execution
  • Analyze infrastructure logs and network data for event detection and correlation from monitoring solutions, and triage and classify the output using automated systems for further investigation
  • Capable of working independently or as a team member to solve cybersecurity engineering problems
  • Develop cyber protection improvement recommendations that support the remediation and protection of systems under assessment
  • Perform requirements traceability to assessment findings
  • Perform cyber criticality, mission impact, and risk analysis
  • Translate analytical findings into security “use cases” that can be implemented within available surveillance capabilities
  • Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences

Preferred Skills:

Position Requirements include:

  • Practical knowledge of high-level scripting/programming language (e.g. Python, Perl, PowerShell, etc.) to extract, de-obfuscate, or otherwise manipulate malware-related data
  • Proficient with forensic analysis tools and techniques to identify malware technical indicators of compromise and perform triage
  • Must possess excellent oral and written communication skills and critical thinking abilities
  • Capable of working independently and within teams to solve complex problems
  • Able to work across multiple organizations, cultures, and service providers to synthesize actionable information
  • Practical knowledge of Splunk policies, filters and rules to improve event analysis and data correlation
  • Knowledge of Windows and Unix/Linux Operating Systems
  • Ability to perform analysis of network traffic and protocols
  • Background or experience in digital forensics is a plus
  • Practical knowledge and use of IBM Analyst Notebook preferred

Security Clearance: Must have current Secret clearance with an SSBI / Current Top Secret with SCI eligibility preferred

Education and Experience: BA/BS recommended or 7 years of experience in a cyber related field

Professional Certifications: Must hold one or more of the following certifications in good, current standing: CISA, GCIH, GCED, CISSP, or CASP