
Cyber Threat Analyst/Hunter

ClientSolv Technologies

Littleton, CO
Full Time
Paid
  • Responsibilities

    Job Description

    We are seeking a Cyber Threat Hunter/Analyst for a contract opportunity in Littleton, CO. In this role, you will configure security solutions and identify and prioritize potential threats. You will also perform incident response, issue resolution, and assessment and communication of security risk to the enterprise, and provide support by monitoring real-time security alerts. You will lead security incident investigations and complete and deliver complex security reports to management in business terms. Additional responsibilities of this role are as follows:

    • Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
    • Create correlations and other logic to identify attackers and defend the network against advanced attacks.
    • Hunt for and identify threat actor groups and their techniques, tools, and processes. Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses.
    • Provide expert analytic investigative support of large scale and complex security incidents
    • Perform Root Cause Analysis of security incidents for further enhancement of alert catalog.
    • Daily Traffic Review – replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
    • Report Run Verification – ensure customer reports run as scheduled
    • Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study
    • Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
    • Handle Tier 2 event incident response, case management, and customer notification
    • Ensure security devices contain up-to-date signature libraries
    • Assist with engineering tasks as necessary
    • Train SOC Level 1 Analysts on new attack signatures and attack methodologies
    • Provide process and operational improvement suggestions
    • Review and update documentation (such as SOPs and TTPs)
    • Complete vendor training as requested by Management
    • Daily Case Management – the Security Analyst will review open cases and provide follow up that may be required
    • SOC Activity Log – creating, reviewing, and maintaining entries, working with other analysts
    • Report Creation – creating temporary or permanent reports for customers, as requested.
    • Tuning – regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered

  • Qualifications

    Qualifications

    • 5+ years of Information Security experience
    • 5+ years Firewall management and rules analysis
    • 2-4 years of systems analysis
    • Working knowledge of Linux and syslog from CLI
    • Excellent writing and communications skills
    • Familiarization with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
    • Ability to work in a dynamic team-centered environment

    Certifications preferred (any of these will be great):

    • Certified Information Systems Security Professional (CISSP)
    • Information Systems Security Engineering Professional (CISSP-ISSEP)
    • Systems Security Certified Practitioner (SSCP)
    • CompTIA Security+
    • Certified Ethical Hacker (CEH)
    • Certified Security Analyst (ECSA)
    • Certified Incident Handler (ECIH)
    • CompTIA Cybersecurity Analyst (CSA+)
    • Information Technology Infrastructure Library (ITIL)
    • Cisco CCNA
    • Cisco CCNP + Security
    • GSEC
    • GCIH
    • GCIA
    • MCSE
    • Linux+

    Additional Information

    THIS CONTRACT ROLE IS LOCATED ONSITE IN LITTLETON, CO. DUE TO THE FEDERAL GOVERNMENT PROJECTS THIS ROLE WILL BE SUPPORTING, THE SELECTED CANDIDATE FOR THIS ROLE WILL NEED TO BE A U.S. CITIZEN.