PUNCH Cyber Analytics Group
Senior Threat Hunt Analyst
PUNCH Cyber Analytics Group, Washington, District Of Columbia, United States, 20001
Position Description
PUNCH Cyber Analytics Group (PUNCH) is seeking a Threat Hunt Analyst and Security Operations Center Analysts to join our team. Candidates must be focused, self-motivated, detail-oriented, and communicative team members, capable not only of performing technical analysis and adversary tracking but also of actively sharing knowledge across the team. This is a remote position: candidates must be comfortable communicating and collaborating with the team over virtual platforms (MS Teams, Slack) and be focused and self-motivated to achieve success. The ideal candidate will have experience in incident response, threat hunting, and threat intelligence.
Primary Skills
- 1-3 years of work experience in Security Operations Centers
- Experience using Splunk ES in an operational environment
- Background (formal or informal) in hands-on computer and networking experience, including a good understanding of TCP/IP, routing, and major Internet protocols
- Strong desire and ability to learn and experiment with new technologies
- Must be able to work independently as well as in a team environment
- Experience tracking APT adversaries and their network infrastructure
- Familiarity with concepts such as the Diamond Model, the MITRE ATT&CK framework, and the Cyber Kill Chain a plus
- Prior experience developing, tuning, and refining novel and advanced hunting techniques
- Experience using and administering MISP for indicator management a plus
- Experience with a variety of data sets for hunting and analysis (Censys, Shodan, VirusTotal, PassiveTotal, DomainTools) a plus
Weekend and holiday work may be required. The shift is a 4-day/10-hour weekly schedule, allowing for 3 days off per week.