Threat Hunting Analyst

Systems Planning and Analysis, Inc.

Views: 135

Updated: 03-11-2025

Location: Mons Hainaut

Category: Management

Industry:

Job type: Full-time

Job description

Overview:
Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.

SPA has an immediate need for a Threat Hunting Analyst to provide contracting services for NATO.
Responsibilities:
As a Cyber Security Threat Hunting Analyst, the incumbent will work alongside a team of Security Analysts to proactively detect cyber security attacks against NATO networks. They will research and react to the latest threats, using industry‐leading tools to discover new and ongoing attacks.

Main responsibilities:
  • Provide subject matter expertise supporting the end‐to‐end threat hunting process;
  • Develop hypotheses to be used in a threat hunt;
  • Create security tool content such as searches, reports and dashboards to facilitate threat hunting;
  • Perform in‐depth analysis of suspicious activity to deliver conclusions and recommendations;
  • Review and develop logging configurations to enable a comprehensive threat hunting capability;
  • Develop and document threat‐hunting procedures;
  • Share the results of threat hunts via presentations and technical reports.
Qualifications:
Required Qualifications:
  • Expert level in at least three of the following areas and a high level of experience in several of the other areas:
    • Cybersecurity threat hunting;
    • MITRE ATT&CK Framework;
    • Security Information and Event Management (SIEM) products – e.g. Splunk;
    • Splunk Search Processing Language (SPL);
    • Network Based Intrusion Detection Systems (NIDS) – e.g. SourceFire, Palo Alto Network Threat Prevention;
    • Host Based Intrusion Detection Systems (HIDS);
    • Sysmon;
    • Full Packet Capture systems – e.g. Niksun, RSA/NetWitness;
    • Computer security tools (Vulnerability Assessment, Anti‐virus, Protocol Analysis, Anti‐Spyware, etc.);
  • Proficiency in Intrusion/Incident Detection and Handling;
  • Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications;
  • Normal office environment with standard working hours, but may exceptionally be required to work non‐standard hours in support of a major Cyber Incident, or on a shift system for a limited period of time due to urgent operational needs;
  • NATO Secret security clearance;
  • National from one of the 30 NATO Nations.
Desirable Qualifications:

  • Industry-leading certification in the area of Cybersecurity such as GCFA, GCIA, GNFA;
  • Knowledge and experience in Splunk Enterprise Security suite;
  • A good understanding of Security Orchestration, Automation and Response (SOAR) concepts and their benefits to the protection of CIS infrastructures;
  • Knowledge and experience in threat hunting in corporate/government level environment;
  • Strong knowledge of malware families and network attack vectors;
  • Experience in analysis of various threat actor groups, attack patterns and tactics, techniques, and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets;
  • Ability to analyse attack vectors against a particular system to determine attack surface;
  • Extensive practical experience with malware analysis products (Cuckoo, Opswat Metascan);
  • Experience with system instrumentation solutions such as Ansible, Chef, etc.;
  • Industry-leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC;
  • Tenable Certified Security Engineer;
  • Prior experience of working in an international environment comprising both military and civilian elements.

Deadline: 18-12-2025
