LOCATION: FAIRMONT, WV, US
DATE POSTED: 2020-11-20
SUBCATEGORY: Cyber Sec Analyst
SHIFT: Day Job
TRAVEL: Yes, 10% of the Time
MINIMUM CLEARANCE REQUIRED: None
CLEARANCE LEVEL MUST BE ABLE TO OBTAIN: Top Secret
POTENTIAL FOR REMOTE WORK: No
The Cyber Hunt Analyst is responsible for supporting the customer in cyber-threat hunting and associated investigations. The analyst also performs hands-on investigations that require critical thinking and a broad understanding of multiple technologies. The incumbent will support development of presentations and reports to document findings, and will need good communication and interpersonal skills to convey findings tactfully at the technical proficiency level of the audience. This is an opportunity for a team player to enhance a world-class team and learn new skills.
Conduct traffic collection, passive/active hunt activities and analysis for threat/intrusion detection as a member of a technical team
Must have a thorough knowledge beyond common network ports and protocols
Research, identify and document adversary models for actors that could have an interest in or target the supported organization/site (e.g. possible intelligence sources: MITRE ATT&CK/CAR, Sqrrl, ODNI and commercial/local/criminal/open-source intelligence (OSINT))
Assist in analysis tool development, configuration, implementation and use
Strategically place, configure and manage sensor technology
Advanced knowledge of traffic and packet analysis using tools like Wireshark, tcpdump, Splunk, ELK, Bro, RSA and others
Intermediate knowledge of common forensics techniques, frameworks, tools and capabilities (e.g. EnCase, Volatility, Forensic Toolkit (FTK))
Develop or follow existing data analytic techniques for correlation of advanced threat TTPs and indicators of compromise
Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
Actively hunt for threats and indicators of compromise, and assist in investigations of cyber security incidents
Make extensive use of the main Microsoft Office tools (Word, Excel, PowerPoint and Visio) to prepare plans, reports, diagrams, tables, briefings, etc.
Be able to present, demonstrate, explain and document operational impact for intrusions or system compromise
Develop proof-of-concept examples and scenarios for reports and live demonstrations
Create/document tactics, techniques and procedures (TTPs) to train and expand/share knowledge with customers and team members
TYPICAL EDUCATION AND EXPERIENCE: Bachelor's degree and 0 years related experience.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit the SAIC website, or see Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.