Cyber Hunt Engineer with Security Clearance

**ACTIVE TS/SCI SECURITY CLEARANCE REQUIRED** The hunt services team member will proactively search for indicators of compromise on NGA systems through planned and continuous hunt missions. They will use cybersecurity tools and data to identify security incidents that may go undetected by automated security tools. The hunt services team member will develop hunt missions generally based on one of the following methodologies: * Hypothesis-driven investigation. Hypothesis-driven investigations are driven by a large amount of data that provides insight into threat actors' latest tactics, techniques and procedures (TTP). Hunt services team members use this data to investigate whether those behaviors are present within the organization's current environment. * IOC-driven investigation. Indicators of compromise (IOC) are found in forensic "artifacts" and identify activity that indicates potential threats. Investigations driven by IOCs use threat intelligence to try to identify the effective threat within the organization's environment. Potential IOCs include network-based artifacts, host-based artifacts and authentication-based artifacts. Responsibilities: * Proactively search and identify indicators of compromise and anomalous behavior that has not met event/incident threshold, or has not been detected by automated security tools * Collect data from multiple cybersecurity tools, log sources, threat intelligence products, etc. and build hunt mission plans based off of the assessment of these data sources * Analyze collected data to find potential shortfalls in security controls and work with Advanced Cyber Analytics team to develop countermeasures to strengthen security * Study trends in cyber threats to better understand threat actors' behaviors, tactics, and goals * Provide findings from hunt missions to Cyber Threat Intelligence team for analysis and possible inclusion in developed intelligence products * Create, update, and document tickets in the authorized ticketing system * Other duties as assigned Qualifications: Required: * Candidate must have a TS/SCI with ability to obtain a CI Polygraph * Bachelor's Degree in a technical field * 5+ years experience in related cyber area * Certified DoD 8140.01 and 8570.01-M Information Assurance Technical Officer (IAT) Level III * CSSP-Analyst certification within 120 days of start date * Excellent writing skills with the ability to write clear and concise hunt reports Desired: * Master's degree Additional Information * All your information will be kept confidential according to EEO guidelines. * Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $90-95k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range. * Highlights of our benefits include Health/Dental/Vision, 401(k) match, Accrued PTO, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and more! Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.