Full Job Description
Edgewater Federal Solutions is a privately held government contracting firm located near Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater is ISO 9001, 20000-1, 27001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018, 2019, 2020, and 2021.
Edgewater Federal Solutions is currently seeking a Cyber Threat Hunter Analyst to provide support to an Edgewater Federal government contract.
Analyze logs and other resources for indicators of compromise
Develop threat hunt plans and SOPs
Use endpoint detection and response (EDR) tools to create detection rules and identify threats
Conduct threat hunting operations. Analyze log data to detect active threats within the network using knowledge of the current threat landscape, threat actor techniques, and the internal network.
Perform threat hunt activities based on threat intelligence reporting and knowledge of the client environment.
Analyze malicious code, packet capture files, and artifacts.
Identify gaps in logging capabilities, and develop and propose strategies to fill them.
Identify and propose automated alerts for new and previously unknown threats.
Provide technical leadership through the complete lifecycle of a hunt operation.
Utilize a wide range of tools and techniques to automate repetitive hunt processes
At least 6 years of experience with incident response, security operations, malware analysis, or threat hunting
Experience in computer intrusion analysis and incident response
Working knowledge of intrusion detection/prevention systems (IDS/IPS)
Knowledge and understanding of network devices, multiple operating systems, and secure architectures
Working knowledge of network protocols and common services
System log analysis
Working knowledge of Splunk Enterprise Security, FireEye HX, and Carbon Black
Familiarity with packet analysis, including HTTP headers and status codes, SMTP traffic and status codes, and FTP traffic and status codes
Demonstrated ability to document processes
Scripting (Python, Ruby, shell, batch, etc.)
Experience in a security engineering or threat detection role, or developing custom detections in a variety of security appliances
It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by applicable law.