4008 Lead Cyber Threat Hunter

Procession Systems

Today
Public Trust
Unspecified
Unspecified
IT - Security
AL (On-Site/Office)

GENERAL DUTIES:
  • Integrate, analyze, and tune the feed of threat observables related to cyber threats that have the potential to impact the CoPA industry (the Threat Observables Feed) into the SIEM platform to support our security threat monitoring.
  • Provide CoPA with notifications and reports on new and/or emerging security threats that have the potential to impact CoPA infrastructure. The Threat Reports will describe:
    • Major threats, threat landscapes, trends, attack vectors, and associated indicators to support threat monitoring in CoPA's environment.
    • Suggested Courses of Action (COAs) to mitigate the identified potential security threats.
  • Perform threat hunting by reviewing threat intelligence feeds and analyzing system alerts using the native capabilities of the SIEM. Threat Hunting activities include:
    • Researching threats identified by threat intelligence sources using the standard functionality of the SIEM that includes data sources such as firewall, web proxy, and Domain Name Services (DNS).
    • Performing SIEM Use Case/Hypothesis development, defined as a specific supposition regarding suspicious files, processes, or threat actors, used to identify previously undetected active threats to CoPA's in-scope infrastructure.
  • Provide CoPA stakeholders with the threat advisories (description of the threat vector, potential impacts, and suggestions to reduce impact or implement safeguards) upon identification of a potential security threat that may impact the infrastructure.
  • Perform corrective actions (if any) for security alerts and threat advisories triggered on SOC managed devices when necessary.
  • Responsible for generating and investigating leads from Zeek network traffic at Internet Service Provider (ISP) visibility for areas of interest (AOI).
  • Subject matter expertise (SME) on APT threat actors and their TTPs.
  • Experience querying/processing "big data" and building/automating threat hunting workflows (Python and AWS skills desirable).

REQUIRED QUALIFICATIONS:
  • 10 years of experience and a BS degree.
  • Cyber Threat Hunting experience and some experience as a Manager or Technical Lead.
  • Experience supporting the DoD or similar agencies as a Cyber Threat Hunter.

CLEARANCE:
  • Secret minimum
About Us
At Procession Systems we work on identifying top talent across various markets. We work with some of the world's leading government contractors, ranging in size, taking on some of the biggest challenges in the defense, civilian, and intelligence markets. Not only do we identify top talent in this space for our clients, but a well-cared-for candidate experience is our priority. At Procession Systems we are dedicated to your needs and here to serve you as you advance in your career!