• Cyber Hunt Analyst

    Huntington Ingalls Industries (Columbia, MD)


    Enlighten, honored as a Top Workplace from USA Today, is a leader in big data solution development and deployment, with expertise in cloud-based services, software and systems engineering, cyber capabilities, and data science. Enlighten provides continued innovation and proactivity in meeting our customers’ greatest challenges.

     

    Why Enlighten?

     

    At Enlighten, our team’s unwavering work ethic, top talent and celebration of innovative ideas have helped us thrive. We know that our employees are essential to our company’s success, so we seek to take care of you as much as you take care of us. Here are a few highlights of our benefits package:

     

    100% paid employee premium for healthcare, vision and dental plans.

    10% 401k benefit.

    Generous PTO + 10 paid holidays.

    Education/training allowances.

     

    Anticipated Salary Range: $114,236.00 - $160,000.00. The salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, Enlighten takes a variety of factors into consideration which include, but are not limited to, the role's function, internal equity and a candidate's education or training, work experience, certifications and key skills. Occasionally positions/roles may include additional non-recurrent compensation and will be addressed by the recruiter during the interview process.

    Job Description

    Enlighten is looking for a Cyber Hunt Analyst with Data Science experience to apply strong cyber security, Defensive Cyber Operations (DCO), and networking domain knowledge to support cyber analytics product development, threat analysis, statistical analysis, model development, and direct customer mission support. Regular cyber hunt activities consist of hunting for threats, reporting on findings, and converting tools, techniques, and processes into automated capabilities for the current cyber platform. Regular data science activities consist of operational research, statistical analysis, hypothesis testing, model building/testing, and communicating results using visualizations. Will also be responsible for collecting customer Cyber Operations requirements, generating use cases, providing Cyber SME support, and system training to end users.

     

    #LI-DW2 #Mid-Senior Level

     

    Essential Job Responsibilities

     

    + Conduct threat hunt operations on assigned Big Data Platform(s) – BDP.

    + Present threat hunt findings through live - interactive remote conference sessions.

    + Perform data analytics across disparate data sets.

    + Assist customer(s) with their threat hunting operations.

    + Perform quality assurance checks on data that is resident on the BDP.

    + Evaluate and analyze new data feeds to determine relevance and usability of data.

    + Support BDP analytic requests (data search, visualizations, dashboards..etc).

    + Provide real time customer support during normal working hours (BDP support chat room).

    + Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s).

    + Support BDP demonstration requests to showcase various capabilities of the platform.

    + Support BDP training events either in person or virtually.

    + Provide advice on data enrichment and functions to enhance customer experience.

    + Other duties as assigned

    Minimum Qualifications

    + Security Clearance - A current Secret level U.S. Government Security Clearance is required with the ability to obtain a TS/SCI level clearance; U.S. Citizenship required.

    + 5+ years of experience in cyber security operations related fields and a Bachelors in related field or 3 years experience with Masters; or High School Diploma and 9 years experience.

    + Experience with supporting DoD customers, ideally supporting US Cyber Command, DISA, or DCDC.

    + Cyber Hunt methodologies and techniques.

    + SIEMs - (e.g., Splunk, Q-Radar, ELK).

    + SOARs (e.g., Sentinel, CORTEX, X-SOAR).

    + Developing and deploying threat detection signatures and detecting host and network-based intrusions.

    + Collecting data from a variety of cyber defense resources. (e.g., CVE, OSINT).

    + Recognizing and categorizing types of vulnerabilities and associated attacks.

    + Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YAML).

    + Cyber defense and vulnerability assessment tools and their capabilities.

    + Network traffic analysis methods (e.g.,TCP-DUMP, Wireshark, Bro/Zeek).

    + Familiar with cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and incident response and handling methodologies. (e.g., MITRE ATT&CK, LM Killchain).

    + Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.

    + Excellent customer service, public speaking, and presentation skills.

    + Ability to complete technical tasks without supervision.

    + Ability to foster and support a collaborative working environment.

    + Must have Data+, Security+, CySA+, GCIH, GNFA, GCFA or other industry recognized Cybersecurity Certification.

    + Travel as needed to support all duties listed above.

    + Must be able to work on customer site on average 4 days a week in either Columbia or Ft. Meade, MD. Flexibility is essential to adapt to schedule changes as needed.

    Preferred Requirements

    + TS/SCI level clearance is preferred.

    + DoD SOC experience is a plus

     

    We have many more additional great benefits/perks that you can find on our website at www.eitccorp.com [eitccorp.com].