Cyber Hunt Analyst
Arlington, VA


Job Description

Who We Seek:

* Passion Seekers. You genuinely care about the work that you do and its impact on society.
* Self-Starters. You're a go-getter who isn't afraid to step up and disrupt the status quo.
* Entrepreneurs. You bring fresh ideas to the table, work hard, develop business and consistently seek new challenges.
* Collaborators. You're a great contributor to a high performing team that accomplishes great feats for our clients.

What You Will Do:

Attain is currently seeking a talented Cyber Hunt Analyst to support an Agency-level Focused Operations Advanced Cyber Analytics team. This program provides targeted threat monitoring and response capabilities requiring analysts to have advanced levels of experience in security event monitoring, incident response, malware analysis and reverse engineering, cyber intelligence, insider threat, penetration testing, and fusion analysis (skills in more than one cyber discipline are preferred). The positions will respectively focus on Advanced Threat Detection and Identification.

Job Duties:

* Currently cleared or can be cleared to the TOP SECRET/SCI level preferably with a DHS-agency EOD.
* A minimum of five years of experience with assessing Advanced Persistent Threat (APT), attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and verification of new APT TTPs.
* Bachelor's degree, technical degree, or equivalent work experience.
* Experience in cybersecurity analysis and research in support of APT investigations.
* Demonstrated Experience performing Network Forensics in support of cyber hunt investigations (e.g. Netflow and PCAP analysis).
* Strong analytical and technical skills in computer network defense operations, and the ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Cyber Threat Hunting (anomalous pattern detection and content management), and Malware Analysis. Prior experience with, and ability in, analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response.
* Experience working with various event logging systems and must be proficient in the review of security event log analysis.
* Previous hands-on experience with Security Information and Event Monitoring (SIEM) and Big Data Analytics platforms that perform log collection, analysis, correlation, and alerting is required, preferably Splunk, Sqrrl, ELK, Hadoop.
* Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
* Strong logical/critical thinking abilities, especially analyzing security events (Windows event logs, Tanium queries, network traffic, IDS events for malicious intent).
* Strong proficiency in report writing: a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting. Excellent verbal and written communication skills and the ability to produce clear and thorough security incident reports and briefings.
* Excellent organizational skills and attention to detail in tracking activities within various Security Operation workflows.
* A working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks; a conceptual understanding of Windows Active Directory is also required, as is a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
* A high level of understanding in relation to computer data storage, Windows operating system file directory structures, electronic directory file management, and applications software, including Microsoft Word and Excel.

Desired Skills:

* One or more certifications for Analysts: GCIA, GCED, GCFE, GCTI, GNFA, GCIH, CND, ECSA, OSCP, OSEE, OSCE, GXFN, GCFA, GREM, CHFI.
* Experience with analyzing deceptive technologies such as honeynets.
* Expertise on policies, industry trends, techniques related to penetration testing.
* Experience with one or more of the following tools: Sqrrl, Splunk, Tanium, or ELK.

About Us:

Attain is a place for great ideas and the people who have them. As a management, technology, and strategy consulting firm, our professionals provide innovative solutions to revolutionize government, education, health, and nonprofit organizations and positively impact those they serve. We are business analysts, technologists, digital strategists, managers of change, and forward thinkers, with the entrepreneurial drive to shape the future. Our team is present in 40 states and the District of Columbia.

Visit www.attain.com/careers to explore your path forward with Attain.
