SOC Cyber Threat Hunter

StratasCorp Technologies Logo
StratasCorp Technologies
Chesapeake, VA, United States
  • IT
  • FlexTime
  • FullTime
  • Shift
  • Weekends
  • Applications have closed

Responsibilities Our team, in Chesapeake, VA has an immediate need for a Security Operations Center Analyst (Cyber Threat Hunter) to monitor and maintain an active defense security posture by preventing, monitoring, detecting, and responding to cybersecurity threats. Primary responsibilities include:

  • Support day-to-day Cyber Security Service Provider (CSSP) intrusion detection and prevention operations
  • Perform tactical real-time data monitoring of alert, session, statistical, and full packet capture data
  • Operate and monitor intrusion-sensing and packet capture tools, such as Wireshark, WinDump, and TCPDump, as well as Security Information and Event Management (SIEM) tools and CSSP security to monitor MSC networks
  • Examine alerts generated, perform triage, and determine the scope of the threats
  • Perform data correlation and conduct strategic analysis of IDS/IPS data, frequently reconfiguring and updating CSSP security devices with the latest signatures and heuristic techniques to detect and/or prevent the latest threats
  • Must possess or be able to obtain within 6 months of hire current CSSP Analyst security certification in accordance with DoD Workforce 8570.01M requirements (https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/)
  • Must have an appropriate IAT II Computing Environment/Operating System certification in accordance with Cyber Workforce DoD 8570.01M requirements
  • Must have 3 or more years of experience in the field of Cyber Security Service Provider (CSSP) formally known as Computer Network Defense — Service Provider (CND-SP), or related experience monitoring and analyzing computer network security, with specific experience working with firewalls and intrusion detection and prevention systems
  • Must have a strong understanding of security operations concepts (Computer Network Defense in Depth, data loss protection, cyber kill chain analysis) as well as hands-on experience managing IDS/IPS, SIEM, Host-Based security, content filtering, DNS blacklisting and/or other related Computer Network Defense security products
  • This is not a Remote position. Candidates are expected to be in office daily
  • Flexible shifts (Evening/Nights/Weekends) may be available
  • Must possess IAT 2 (CompTIA Security+ or equivalent)
Apply for job