Tyto Athene, LLC
Mid-Level Cyber Threat Hunter
Tyto Athene, LLC, Arlington, Virginia, United States, 22201
Job Description
Tyto Athene is searching for a Mid-Level Cyber Threat Hunter to support our customer in Arlington, Virginia.
Responsibilities:
Experience with securing and hardening IT infrastructure Demonstrated or advanced experience with computer networking and operating systems Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies Knowledge of Windows and Linux OS' and command line Ability to analyze malware, extract indicators, and create signatures in Yara and Snort Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level Knowledge related to the current state of cyber adversary tactics and trends Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building Knowledge of the TCP/IP networking stack and network IDS technologies Required:
Bachelor's degree in Computer Science, Information Technology, or related field and4 years of relevant experience Experience with securing and hardening IT infrastructure Demonstrated or advanced experience with computer networking and operating systems Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack Familiarity with: Netflow data, DNS logs, Proxy Logs Experience with network hunting, including Bro Logs, Netflow, PCAP, or PaloAlto firewalls and proxies Knowledge of Windows and Linux OS' and command line Ability to analyze malware, extract indicators, and create signatures in Yara, Snort, and IOCs Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level Knowledge related to the current state of cyber adversary tactics and trends Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building Knowledge of the TCP/IP networking stack and network IDS technologies Desired:
Previous experience working as a cyber threat hunter Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis Experience with major cloud service provider offerings Knowledge of offensive security tools and techniques
Clearance:
Active Secret clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Additional Information
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your careerit's time to join Team Tyto!
Tyto Athene is searching for a Mid-Level Cyber Threat Hunter to support our customer in Arlington, Virginia.
Responsibilities:
Experience with securing and hardening IT infrastructure Demonstrated or advanced experience with computer networking and operating systems Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies Knowledge of Windows and Linux OS' and command line Ability to analyze malware, extract indicators, and create signatures in Yara and Snort Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level Knowledge related to the current state of cyber adversary tactics and trends Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building Knowledge of the TCP/IP networking stack and network IDS technologies Required:
Bachelor's degree in Computer Science, Information Technology, or related field and4 years of relevant experience Experience with securing and hardening IT infrastructure Demonstrated or advanced experience with computer networking and operating systems Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack Familiarity with: Netflow data, DNS logs, Proxy Logs Experience with network hunting, including Bro Logs, Netflow, PCAP, or PaloAlto firewalls and proxies Knowledge of Windows and Linux OS' and command line Ability to analyze malware, extract indicators, and create signatures in Yara, Snort, and IOCs Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level Knowledge related to the current state of cyber adversary tactics and trends Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building Knowledge of the TCP/IP networking stack and network IDS technologies Desired:
Previous experience working as a cyber threat hunter Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis Experience with major cloud service provider offerings Knowledge of offensive security tools and techniques
Clearance:
Active Secret clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Additional Information
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your careerit's time to join Team Tyto!