Itlearn360
Data Exploiter (TS/SCI with Poly Required) at GDIT Chantilly, Loudoun County, VA
Itlearn360, Virginia, Minnesota, United States, 55792
Data Exploiter (TS/SCI with Poly Required) job at GDIT. Chantilly, Loudoun County, VA.
Location:
USA VA Chantilly
Job Req:
RQ210357
Clearance Level Must Currently Possess:
Top Secret SCI + Polygraph
Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph
Job Family:
IT Infrastructure and Operations
Skills:
Analytical Thinking, Documentation, Log Analysis, Open Source Intelligence
Certifications:
None
Experience:
5+ years of related experience
US Citizenship Required:
Yes
Job Description A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets and collections. Candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will conduct assessments of software tools and systems to identify vulnerabilities and work with internal and external technical stakeholders to enrich analysis. Able to follow the entire targeting life cycle by engaging in data exploitation of requirements collection, data analysis, summary and documentation, and actionable information dissemination.
Key Responsibilities
Track and monitor cyber actors, their activities, and infrastructure to identify potential threats and vulnerabilities.
Utilize industry-standard commercial and open-source tools for threat intelligence gathering and analysis.
Conduct proactive threat hunting to uncover malicious activity, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs).
Chain cyber threat events across multiple data sources to build coherent threat narratives and timelines.
Analyze network traffic, logs, and endpoints to identify malicious behaviors and anomalous activities.
Develop actionable intelligence reports and briefings for both technical and non-technical stakeholders.
Collaborate with incident response, SOC, and other security teams to correlate findings and provide context.
Maintain an understanding of emerging cyber threats and trends, adjusting hunting techniques accordingly.
Communicate threat findings and intelligence through clear, concise briefings and visualizations.
Education and Experience
Bachelor's degree in computer science, information technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience.
Required Qualifications
Strong knowledge of common cyber attack methodologies (e.g., MITRE ATT&CK, kill chain models).
Strong knowledge of TCP/IP communications.
Proficiency with commercial and open-source threat intelligence tools, such as:
SIEM (e.g., Splunk, Elastic Stack)
Network traffic analysis tools (e.g., Zeek, Suricata, Wireshark)
Threat intelligence platforms (e.g., ThreatConnect, Anomali)
OSINT tools (e.g., Maltego, Shodan, Censys)
Endpoint detection and response (EDR) tools (e.g., CrowdStrike, Carbon Black)
Malware analysis tools (e.g., VirusTotal, Hybrid Analysis)
Strong analytical skills to identify patterns, anomalies, and relationships between cyber threat events.
Ability to articulate complex technical findings in clear, accessible briefings and reports.
Strong written and verbal communication skills, with an emphasis on briefing senior leadership and non-technical stakeholders.
Experience in creating threat intelligence reports and providing actionable recommendations.
Desired Qualifications
Understanding of malware behaviors and basic reverse engineering concepts.
Experience with automated threat hunting and scripting (e.g., Python, PowerShell).
Familiarity with cloud environments (e.g., AWS, Azure) and associated cyber threats.
Experience in a Security Operations Center (SOC) or Incident Response role.
Experience extracting information of foreign intelligence, counterintelligence and targeting value from digital data.
Experience producing products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs.
Benefits and Compensation The likely salary range for this position is $136,000 - $184,000. This is not, however, a guarantee of compensation or salary. Salary will be based on experience, geographic location and possibly contractual requirements.
Travel Required: None
Telecommuting Options: Onsite
Scheduled Weekly Hours: 40
Work Location: USA VA Chantilly
PI279871626
#J-18808-Ljbffr
Location:
USA VA Chantilly
Job Req:
RQ210357
Clearance Level Must Currently Possess:
Top Secret SCI + Polygraph
Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph
Job Family:
IT Infrastructure and Operations
Skills:
Analytical Thinking, Documentation, Log Analysis, Open Source Intelligence
Certifications:
None
Experience:
5+ years of related experience
US Citizenship Required:
Yes
Job Description A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets and collections. Candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will conduct assessments of software tools and systems to identify vulnerabilities and work with internal and external technical stakeholders to enrich analysis. Able to follow the entire targeting life cycle by engaging in data exploitation of requirements collection, data analysis, summary and documentation, and actionable information dissemination.
Key Responsibilities
Track and monitor cyber actors, their activities, and infrastructure to identify potential threats and vulnerabilities.
Utilize industry-standard commercial and open-source tools for threat intelligence gathering and analysis.
Conduct proactive threat hunting to uncover malicious activity, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs).
Chain cyber threat events across multiple data sources to build coherent threat narratives and timelines.
Analyze network traffic, logs, and endpoints to identify malicious behaviors and anomalous activities.
Develop actionable intelligence reports and briefings for both technical and non-technical stakeholders.
Collaborate with incident response, SOC, and other security teams to correlate findings and provide context.
Maintain an understanding of emerging cyber threats and trends, adjusting hunting techniques accordingly.
Communicate threat findings and intelligence through clear, concise briefings and visualizations.
Education and Experience
Bachelor's degree in computer science, information technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience.
Required Qualifications
Strong knowledge of common cyber attack methodologies (e.g., MITRE ATT&CK, kill chain models).
Strong knowledge of TCP/IP communications.
Proficiency with commercial and open-source threat intelligence tools, such as:
SIEM (e.g., Splunk, Elastic Stack)
Network traffic analysis tools (e.g., Zeek, Suricata, Wireshark)
Threat intelligence platforms (e.g., ThreatConnect, Anomali)
OSINT tools (e.g., Maltego, Shodan, Censys)
Endpoint detection and response (EDR) tools (e.g., CrowdStrike, Carbon Black)
Malware analysis tools (e.g., VirusTotal, Hybrid Analysis)
Strong analytical skills to identify patterns, anomalies, and relationships between cyber threat events.
Ability to articulate complex technical findings in clear, accessible briefings and reports.
Strong written and verbal communication skills, with an emphasis on briefing senior leadership and non-technical stakeholders.
Experience in creating threat intelligence reports and providing actionable recommendations.
Desired Qualifications
Understanding of malware behaviors and basic reverse engineering concepts.
Experience with automated threat hunting and scripting (e.g., Python, PowerShell).
Familiarity with cloud environments (e.g., AWS, Azure) and associated cyber threats.
Experience in a Security Operations Center (SOC) or Incident Response role.
Experience extracting information of foreign intelligence, counterintelligence and targeting value from digital data.
Experience producing products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs.
Benefits and Compensation The likely salary range for this position is $136,000 - $184,000. This is not, however, a guarantee of compensation or salary. Salary will be based on experience, geographic location and possibly contractual requirements.
Travel Required: None
Telecommuting Options: Onsite
Scheduled Weekly Hours: 40
Work Location: USA VA Chantilly
PI279871626
#J-18808-Ljbffr