Today
Top Secret
Unspecified
Unspecified
IT - Security
Arlington, VA (On-Site/Office)
Tyto Athene is searching for a Lead Cyber Threat Hunter to support our customer in Arlington, Virginia.
Responsibilities:
* Actively hunt for Indicators of Compromise (IOC) and threat actor Tactics, Techniques, and Procedures (TTP) in the network and the host as necessary
* Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)
* Create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate teams
* Collaborate with the SOC and Threat Analysts to contain and investigate major incidents
* Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
* Work with leadership and the engineering team to improve and expand available toolsets
* Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture
* Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs.
Required:
* Bachelor's degree in Computer Science, Information Technology, or related field and 8 years of relevant experience or a Masters degree and 4 years
* Experience with securing and hardening IT infrastructure
* Demonstrated or advanced experience with computer networking and operating systems
* Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
* Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell
* Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
* Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies
* Knowledge of Windows and Linux OS' and command line
* Ability to analyze malware, extract indicators, and create signatures in Yara and Snort
* Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level
* Knowledge related to the current state of cyber adversary tactics and trends
* Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
* Knowledge of the TCP/IP networking stack and network IDS technologies
Desired:
* Previous experience working as a cyber threat hunter
* Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
Clearance: Active Top Secret required. Top Secret w/ SCI eligibility preferred.
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Compensation:
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $170K-$182K. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene is an Equal Opportunity Employer and fully complies with all EEOC regulations. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Responsibilities:
* Actively hunt for Indicators of Compromise (IOC) and threat actor Tactics, Techniques, and Procedures (TTP) in the network and the host as necessary
* Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)
* Create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate teams
* Collaborate with the SOC and Threat Analysts to contain and investigate major incidents
* Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
* Work with leadership and the engineering team to improve and expand available toolsets
* Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture
* Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs.
Required:
* Bachelor's degree in Computer Science, Information Technology, or related field and 8 years of relevant experience or a Masters degree and 4 years
* Experience with securing and hardening IT infrastructure
* Demonstrated or advanced experience with computer networking and operating systems
* Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
* Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell
* Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
* Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies
* Knowledge of Windows and Linux OS' and command line
* Ability to analyze malware, extract indicators, and create signatures in Yara and Snort
* Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level
* Knowledge related to the current state of cyber adversary tactics and trends
* Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
* Knowledge of the TCP/IP networking stack and network IDS technologies
Desired:
* Previous experience working as a cyber threat hunter
* Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
Clearance: Active Top Secret required. Top Secret w/ SCI eligibility preferred.
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Compensation:
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $170K-$182K. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene is an Equal Opportunity Employer and fully complies with all EEOC regulations. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
group id: 91085617
