What are the responsibilities and job description for the Cyber Hunt Analyst (Hybrid) - 20854 position at Enlighten?
We recognize that the most effective environment for your projects doesn’t always look the same. Our hybrid work approach ensures that you can make lasting relationships with your team and collaborate in-person to get the job done—while having the flexibility to be working from home when needed to achieve focused results.
Why Enlighten?
At Enlighten, our team’s unwavering work ethic, top talent and celebration of innovative ideas have helped us thrive. We know that our employees are essential to our company’s success, so we seek to take care of you as much as you take care of us. Here are a few highlights of our benefits package:
• 100% paid employee premium for healthcare, vision and dental plans.
• 10% 401k benefit.
• Generous PTO 10 paid holidays.
• Education/training allowances.
Anticipated Salary Range: $119,155.00 - $170,000.00. The salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, Enlighten takes a variety of factors into consideration which include, but are not limited to, the role's function, internal equity and a candidate's education or training, work experience, certifications and key skills. Occasionally positions/roles may include additional non-recurrent compensation and will be addressed by the recruiter during the interview process.
Job Description
Enlighten is looking for a Cyber Hunt Analyst with Data Science experience to apply strong cyber security, Defensive Cyber Operations (DCO) and networking domain knowledge to support cyber analytics product development, threat analysis, statistical analysis, model development and direct customer mission support. Regular cyber hunt activities consist of hunting for threats, reporting on findings, and converting tools, techniques and processes into automated capabilities for the current cyber platform. Regular data science activities consist of operational research, statistical analysis, hypothesis testing, model building/testing and communicating results using visualizations. Will also be responsible for collecting customer Cyber Operations requirements, generating use cases, providing Cyber SME support and system training to end users. Will be providing on-site customer support in San Antonio, TX 2-3 days/week on average.
#LI-KB2 #Mid-Senior Level
Essential Job Responsibilities
- Conduct threat hunt operations on assigned Big Data Platform(s) – BDP
- Present threat hunt findings through live - interactive remote conference sessions
- Perform data analytics across disparate data sets
- Assist customer(s) with their threat hunting operations
- Perform quality assurance checks on data that is resident on the BDP
- Evaluate and analyze new data feeds to determine relevance and useability of data
- Support BDP analytic requests (data search, visualizations, dashboards..etc)
- Provide real time customer support during normal working hours (BDP support chat room)
- Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s)
- Support BDP demonstration requests to showcase various capabilities of the platform
- Support BDP training events either in person or virtually
- Provide advice on data enrichment and functions to enhance customer experience
- Additional duties as assigned
Minimum Qualifications
- Security Clearance: A current TS/SCI level U.S. Government Security Clearance is required; U.S. Citizenship required.
- 9 years of relevant experience with Bachelor’s Degree in Information Technology, Cyber Security or similar field; 7 years relevant experience with Masters in related field; or High School Diploma or equivalent and 13 years relevant experience
- Minimum 3 years of experience in cyber security operations related fields.
- Excellent public speaking, presentation, and customer service skills
- Proficient in various query languages (SQL, Lucene, JEXL, KQL (Kusto and Kibana))
- Python experience is a must
- Experience with dashboarding/visualizations (Power-Bi, Superset, Kibana)
- Familiarity with cloud providers and environments (Azure, AWS, Google Cloud Platform)
- SIEMs - (e.g., Splunk, Q-Radar, ArcSight, ELK)
- SOARs (e.g., Sentinel, CORTEX, X-SOAR)
- Developing and deploying threat detection signatures
- Detecting host and network-based intrusions
- Collecting data from a variety of cyber defense resources. (e.g., CVE, OSINT)
- Recognizing and categorizing types of vulnerabilities and associated attacks
- Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YML, XML)
- Network traffic analysis methods (e.g.,TCP-DUMP, Wireshark, Bro/Zeek)
- Familiar with cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and incident response and handling methodologies. (e.g., MITRE ATT&CK, LM Killchain)
- Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications
- Must be able to obtain Security certification within 60 days of hire
- Must be able to work in a hybrid environment, spending one average 2 days a week onsite in San Antonio, TX. Flexibility is essential to adapt to schedule changes as needed.
Preferred Requirements
- DoD SOC experience is a plus.
- Experience using Jupyter notebooks is a plus
- Open to travel CONUS or OCONUS, if requested by the customer.
We have many more additional great benefits/perks that you can find on our website at www.eitccorp.com [eitccorp.com].
Enlighten, an HII Company, is an Equal Opportunity/Veterans and Disabled Employer. U.S. citizenship may be required for certain positions. HII Is committed to cultivating an inclusive company culture to promote collaboration and enhance creativity by hiring a diverse work force.
Salary : $119,155 - $170,000
