Senior Cyber Threat Hunter

Overview

AbleVets, LLC is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets has an opportunity for an experienced, motivated Senior Cyber Threat Hunter to support our VA customer. The role will be responsible for providing threat intelligence collection and monitoring, analysis, and reporting. The position is located on-site at the customer’s facility.

Responsibilities

The candidate will provide the following operational support to the VA-CSOC, focusing on expert-level analysis of APTs, Indicators of Compromise (IOCs), and intelligence gathering and sharing with formalized partners.


The successful candidate will perform the following:

  • Determine whether an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation, and notify the team lead or designee within 15 minutes.
  • Review audit logs and identify any unusual or suspect behavior.
  • Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks.
  • Develop and execute custom scripts to identify host-based indicators of compromise.
  • Implement new detection capabilities and improve upon existing security tools.
  • Determine the scope of an intrusion, identifying the initial point of access or source.
  • Recommend remediation activities to secure the source or initial point of access of the intrusion.
  • Provide cyber threat intelligence collection & correlation in coordination with the Cyber Threat Intelligence Team (CTI).
  • Provide executive level cyber security strategic recommendations along with security engineering recommendations and custom solutions to counter adversarial activity against the VA.
  • Provide advanced technical capabilities to the CSOC, including Big Data Analytics, and Predictive Intelligence.
  • Participate as a VA analyst point of presence during Government threat intelligence community exchanges.
  • Provide proactive APT hunting, incident response support, and advanced analytic capabilities.
  • Profile and track APT actors that pose a threat to the VA in coordination with threat intelligence support teams.
  • Support the incident response process by providing advanced analysis services when requested, including recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH).
  • Develop analytics to correlate IOCs and maximize threat detection capabilities based on defense analysis processes.
  • Create and disseminate summary reports, investigation reports, and threat briefs.
  • Support on-site during the following shift (1st shift), Monday through Friday:
    • 0600 - 1430

Qualifications

  • Bachelor’s degree required with a minimum of ten (10) years of related IT experience. An additional eight (8) years of related experience can be substituted for the degree requirement. Four (4) years of relevant experience may be substituted with a professional certification (e.g., CISSP, GREM or GCIH).
  • Certification (or ability to obtain certification within 120 days at the company's expense) in at least one of the following areas: Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), GIAC Systems and Network Auditor (GSNA), GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), Splunk Certified Knowledge Manager, Splunk Certified Admin, or Splunk Certified Architect
  • Advanced network forensic experience with the following application-layer protocols: HTTP/S, DNS, NTP, SSH, FTP, and SMTP
  • Experience with advanced cyber security tools, network topologies, intrusion detection, PKI, and secured networks
  • In-depth understanding of NIST SP 800-61, US-CERT, and Office of Management and Budget (OMB) standards
  • Experience interpreting and implementing cyber security regulations
  • Excellent verbal communication skills
  • Outstanding written skills for preparing reports and briefings
  • Excellent analytical and problem-solving skills
  • Ability to obtain a Public Trust clearance

EEO Statement

AbleVets LLC appreciates your interest in our company as a place of employment. We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class. AbleVets is a VEVRAA Federal Contractor.