Cyber Hunt Subject Matter Expert (SME)

Location: Travel, Remote
The mission
Graham Technologies is hiring a Cyber Hunt Subject Matter Expert (SME). This position is almost 100% travel. We are looking for an SME to perform Compromise Assessments, high-level analysis, collection, assessment, documentation, and the deployment and implementation of tools. The Cyber Hunt SME will be a key member of a Cyber Hunt team, responsible for participating in threat-actor-based investigations and in “hunt missions” using threat intelligence tools to identify Indicators of Compromise (IoC) to detect threat actors on customer networks. To execute this mission, the Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies.

The challenge
  • Hunt for and identify active threats on a network or indications of a past cyber breach
  • Participate in "hunt missions" using threat intelligence and analysis of anomalous log data   
  • Perform analysis of alerts to determine whether an event is reportable
  • Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed
  • Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors.
What we're looking for
To land this position you must have an active DoD Secret clearance and working knowledge of the below skills:
  • Bachelor’s degree in an IT related field
  • Requires one of the following certifications: CISSP, CEH, ECSA, LPT, OSCP, GPEN
  • Five (5) years of experience applying subject matter knowledge directly related to Compromise Assessments, or recent operational security experience (SOC, Incident Response, Malware, Analysis, IDS/IPS Analysis, etc.)
  • Proficiency with Windows, OSX, Unix, and Linux platforms;
  • Excellent written and verbal communication skills especially when translating technical information to non-technical audiences;
  • Experience with IOC tools and the deployment of devices/software used to conduct compromise assessments.
  • Demonstrated knowledge of the Splunk search language, search techniques, alerts, dashboards and report building.
  • Experience with Snort, Bro or other network intrusion detection tools
  • Detailed understanding of the TCP/IP networking stack & network technologies
  • Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)
  • Nominal understanding of regular expressions and at least one common scripting language (Perl, Python, PowerShell).
  • Strong collaborative skills and proven ability to work in a diverse global team of security professionals
What you can expect from us
We’ll pay you a competitive salary commensurate with your experience. Graham Technologies' benefits package includes comprehensive health and dental care, life insurance and AD&D, 401(k), up to 27 days of paid time off per year, 10 holidays per year, short and long term disability, education/training assistance, referral program and transportation benefits. We also believe in work-life balance and treating our employees as part of the Graham Tech family. We are looking for employees who want to grow in their career and with our company.
About Graham Technologies
Established in 2007, Graham Technologies provides Information Technology (IT) and engineering support services to the commercial and federal sectors. Through superior IT support services and application modernization, Graham has assisted customers in achieving their respective goals and objectives, increasing their return on investment (ROI), and maintaining the efficiency and effectiveness of their IT solutions. Graham Technologies is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Are you willing to accept the mission?
Sounds interesting? Start the conversation. Tell us what the next step in your career could be.
