Principal-Cybersecurity (Government)

Washington, DC 20004
Our Cybersecurity team is seeking a highly motivated threat hunter with a passion for solving complex problems and uncovering cybersecurity threats and threat actors. The job will focus on proactively seeking emerging threats contained within network traffic at the enterprise, sector, and global scale. This requires understanding the techniques used in various attacks and the ability to recognize them via network metadata analysis. The ideal candidate will be process-driven and curious, and will enjoy the challenge of searching for insights within large volumes of data.

**Job Duties/Responsibilities:**

+ Lead the threat hunting process from start to finish, including analyzing intelligence, forming hypotheses, executing the hunt, investigating potentially malicious traffic, and communicating findings to the analyst team and customer

+ Perform data analysis on large volumes of network traffic metadata (e.g. netflow, DNS, BGP) using tools such as Splunk, SiLK, and command line utilities

+ Develop dashboards, detailed technical reports, and alerts to identify potential threats and vulnerabilities for the customer

+ Research new cyber threats, actors, and technologies to articulate analytical findings and defensive measures both verbally in customer briefings and in coherent written reports.

**Required Clearance:** Secret with ability to upgrade to Top Secret (#secret) (#topsecret)

**Required Skills, Experience, and Education:**

+ Deep understanding of Internet security and general adversarial tools and techniques.

+ Understanding of malicious vs. non-malicious network traffic characteristics and how to recognize and distinguish between them

+ Ability to drive development of new security capabilities and/or intelligence as the result of threat hunt missions which might include new signatures, alerts, workflows, and automation

+ Expert knowledge of TCP/IP, DNS, BGP, common networking ports and protocols, traffic flow, system administration, OSI model, defense in depth and common cybersecurity elements.

+ Experience analyzing network flow and DNS metadata, and BGP records.

+ Experience with Linux command line, Python and/or Bash scripting.

+ Experience with tools such as: Splunk, NetWitness, Wireshark, SQL, IDA Pro, and a SIEM.

+ Experience writing/reading/maintaining Snort signatures.

+ Comfortable working independently as well as closely with an agile development team.

+ Excellent verbal and written communication skills

+ Contribution: Expert level technical professional. Advisor on technical knowledge and ATT technologies.

+ Education: Bachelor's degree in Computer Science, Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.

+ Experience: Typically requires 8-10 years of experience. Technical Career Pathway (TCP) role

**Desired Qualifications:**

+ Highly Desired

+ Prior experience analyzing netflow and DNS data

+ Analysis experience using tools such as Bro and Suricata

+ Some proficiency with a programming/scripting language such as Python

+ Security certifications such as CEH, Security+, CISSP, Pen Testing

+ BS in Computer Science/Math/Statistics or related discipline

+ Proximity to Oakton, VA

+ TS/SCI security clearance

**Ready to join our team? Apply today!**
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment are not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status.
Posted: 2021-08-14 Expires: 2021-11-25