Job Description

Salary: 104,650 - 189,175 USD per year Requirements:

• Bachelor’s Degree and 8 – 12 years of prior relevant experience in order to operate within the scope contemplated by the level. Additional experience and certifications may be considered in lieu of a degree.
• 5+ years of recent experience with host-based and network-based security monitoring using cybersecurity capabilities.
• Must have experience developing scripts to support cyber threat detection that outputs results in various formats, such as VB scripts, Python, C++, HTML, XML, or others.
• Ability to work independently with minimal direction; self-starter/self-motivated.
• Required certifications: One of the following:
• - Certified Information System Security Professional (CISSP)
• - SANS - GCIA – Intrusion Analyst
• - SANS - GREM – Reverse Engineering Malware
• - SANS - GISF – Security Fundamentals
• - SANS - GXPN – Exploit Researcher and Advanced Penetration Tester

Responsibilities:

• Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations.
• Author, update, and maintain SOPs, playbooks, and work instructions.
• Utilize Threat Intelligence and Threat Models to create threat hypotheses and plan and scope Threat Hunt Missions to verify those hypotheses.
• Proactively and iteratively search through systems and networks to detect advanced threats.
• Analyze host, network, and application logs, in addition to malware and code.
• Prepare and report risk analysis and threat findings to appropriate stakeholders.
• Lead cyber threat hunt missions with minimal supervision or guidance and recommend courses of action, best practices, and mitigating actions to improve security practices.
• Write clearly and concisely regarding technical and non-technical products based on threat hunt findings and outcomes.
• Brief senior-level leaders and executives on technical topics while translating them into non-technical terms for decision-makers.
• Develop scripts to support cyber threat detection, outputting results in multiple formats.
• Conduct cyber threat analysis, identifying mitigation and/or remediation courses of action and trending cyber threat metrics for leadership situational awareness.
• Maintain a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats, actors, and activities to enhance the organization’s cybersecurity posture.
• Create and assist with the development of new security content resulting from hunt missions, including signatures, alerts, workflows, and automation.
• Coordinate with different teams to improve threat detection, response, and overall security posture of the Enterprise.
• Identify, track, and investigate high-priority threat campaigns and malicious actors.
• Maintain the daily battle rhythm and schedule of threat hunts with an emphasis on attention to detail and technical analysis.
• Review current and emerging cyber threat intelligence to maintain situational awareness.
• Create daily, weekly, and monthly reporting data and collect, aggregate, and report on metrics derived from threat hunts.

Technologies:

• Support
• Network
• Python
• Security
• XML
• Cloud
• LAN
• Mobile

More:

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on our commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. If you thrive in a dynamic environment and are looking for a role where you can make a significant impact, we encourage you to apply.

The Digital Modernization Sector merges our digital transformation and IT programs, enabling us to better serve our customers with scale and repeatability. We have a critical need for a Cyber Threat Hunter within the U.S. Department of Homeland Security (DHS) and CISA Security Operations Center (SOC), which is responsible for preventing, identifying, containing, and eradicating cyber threats to CISA networks.

Job Tags

Full time,

Similar Jobs