Applied Memetics LLC Cyber Security Specialist, Senior (Threat Hunter/10 yrs experience) in Charleston, South Carolina
Applied Memetics LLC is seeking an experienced, motivated Cyber Security Specialist, Senior (Threat Hunter) to support our VA customer. Candidate must be available to work from Hines, IL, Martinsburg, WV, or Washington, DC. This role may be designated as remote with government approval. U.S. Citizenship is required for this role.
Must have experience with:
SIEM (prefer Splunk or ArcSight) experience in custom queries, searches, creating correlated alerts, and dashboard creation
Splunk or similar SIEM experience from the perspective of creating searches and understanding how to pivot in the data fields to follow an investigation.
An understanding of how to mine IOCs and what to do with them.
Understanding of what an APT and FO (Focused Operators) are and how they work
Event/Incident research specifically as it ties into APTs and FOs
Understanding of the APT Kill Chain
An understanding of Hacker/APT TTPs
An understanding and analysis of event logging from many different devices
Understanding of malware and malware behavior
Prefer self-motivated folks
A deep desire to win and persistent in sometimes frustrating circumstances
Performs advanced analysis of adversary tradecraft, malicious code, and capabilities. Provides cyber threat and intelligence analysis, and develops briefings and reports to distribute and aid in information sharing and protection efforts. Develops and maintains subject matter expertise of Advanced Persistent Threats and assists with Incident Response efforts.
Serves as the expert which shall be responsible for providing expert cyber threat and intelligence technical support to all sites listed in the place of performance. The Advanced Cyber Threat Analyst II is required to provide expert technical support to monitor, correlate, identify, analyze, mitigate, manage, track and support processes for all security incidents. The Advanced Cyber Threat Analyst II shall have knowledge of, and experience in, the following:
Cyber Security Policy and advanced cyber security threat mitigation at the Expert level
Advanced Cyber security tools, network topologies, intrusion detection, PKI, and secured networks
Implementation of cyber security regulations
Tracking all activity, insuring timely resolution of problems
Coordinating the development of advanced security signature or access control mechanisms that can be implemented on security systems such as intrusion prevention - detection systems, firewalls, routers or endpoint in response to new or observed threats within the enterprise
Leading the identification of advanced security systems and controls to ensure the monitoring and configuring of security appliances
Ensuring that Analysts receive and analyze alerts from various enterprise level sensors and determine possible causes of such alerts
Performing advanced analysis of adversary tradecraft, malicious code, and capabilities
Creating and leading processes that support the analysis of log files from a variety of enterprise level systems and sensors to include individual host logs, network traffic logs, firewall logs, and intrusion detection/prevention system logs
Identifying anomalous activity and potential threats to enterprise resources
Monitoring external and internal data sources in order to maintain enterprise threat conditions
Leading the processes which support event correlation by using information gathered from a variety of system and sensor sources within the enterprise;
Managing the collection and advanced analysis of intrusion artifacts and using discovered data to enable mitigation potential of incidents within the enterprise.
Providing advanced network event analysis and intrusion analysis.
Bachelor’s degree in Information Technology or Business
Minimum of six (6) years oof Information Technology experince, in addition to a minimum of four (4) years of advanced Cyber Threat Information experience
Must hold one of the following certifications:
Certified Ethical Hacker (CEH)
Certified Information Systems Auditor (CISA)
GIAC Systems and Network Auditor (GSNA)
GIAC Certified Incident Handler (GCIH)
Certified Computer Security Incident Handler (CSIH)
Excellent verbal communication skills
Outstanding written skills for preparing reports and briefings
Excellent analytical and problem solving skills
Ability to obtain a DoD Secret security clearance
U.S. Citizenship is required as is successfully passing a thorough Government background screening process requiring the completion of detailed forms and fingerprinting** Government Contracting Experience Preferred **
External Company URL: http://www.appliedmemeticsllc.com/