Cyber Threat Hunting Analyst
At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.Seeking proactive individuals for an active role in detecting advanced cyber threats to critical infrastructure. We need CND and CNO specialists who can think like cyber attackers, employing network defense experience to prototype scripts, sift through false positives, and identify patterns. Your technical expertise will contribute to building creative solutions, utilizing new tools and approaches to develop the next generation of security analytics. Join us in redefining cyber defense. This job is performed onsite in Denver, Colorado.
What You'll Do
- Conduct cyber hunts using advanced methodologies and techniques.
- Address cyber issues with offensive and defensive Tactics, Techniques, and Procedures (TTPs).
- Understand foreign capabilities in IT and OT environments for enhanced defense.
- Provide forensic and data analysis support for cyber issues.
- Work with logging platforms such as Kibana or Splunk for monitoring and analysis.
- Utilize data forensic tools like Wireshark, Kali Linux, etc., for in-depth analysis.
- Demonstrate expertise in working with Linux systems.
- Apply knowledge of common malware functionality and operations.
- Write technical reports and brief leadership on cyber issues.
- Provide on-site, full-time support in a client environment.
- Maintain a minimum IAM or IAT Level III certification (CISSP, CASP+, CISA, etc).
Education + Requirements
- Fifteen (15) years information assurance experience and/or cyber security experience with a Bachelor’s Degree in a technical field.
- Documented cyber training, with 6+ years of experience supporting cyber operations
- Familiarity with the US Intelligence Community and using intelligence to support cyber defense/mitigation work
- Experience in cyber hunt and threat methodologies and techniques
- Experience working cyber issues to include offensive or defensive TTPs
- Understanding of foreign capabilities in IT or OT environments
- Experience providing forensic and data analysis support to cyber issues
- Experience with logging platforms such as Kibana or Splunk
- Experience with data forensic tools, including Wireshark, Kali Linux, etc.
- Experience working with Linux
- Knowledge of common malware functionality and operations
- Experience writing technical reports and briefing leadership
- Ability to provide on-site, full-time support in a client environment
- Minimum IAM or IAT Level III (CISSP, CASP+, CISA, etc)
Preferred Skills and Qualifications
- Experience leading cyber exercises to enhance team preparedness and response capabilities.
- Report IT security events and incidents promptly, adhering to policies and procedures.
- Effectively provide network or system administration and computer operations support.
- Utilize forensics tools such as Encase, IDA PRO, or Wireshark for comprehensive analysis.
- Demonstrate experience in U.S. critical infrastructure environments.
- Analyze ICS and SCADA traffic for potential vulnerabilities and threats.
- Work in cyber operations center environments, contributing to a secure operational setting.
- Write technical reports and deliver briefings to leadership based on analyzed data.
- Possess knowledge of supporting the Intelligence Community (IC) and national-level system security initiatives.
- Ability to demonstrate expertise in securing Information, Local Area Network (LAN), and Wide Area Network (WAN) technologies.
- Able to apply knowledge of virtualization technologies to enhance network security measures.
Security Clearance
- Top Secret clearance is required.