NASA IV&V Cyber Hunt Analyst
Job Type Full-time
Job Status Sourcing
Date Posted Friday, 19 July 2019
Location Fairmont, WV
Job Description



Job ID: 193265
Location: FAIRMONT, WV, United States
Travel: Yes, 10% of the time
Minimum Clearance Required: Secret


Job description:


Responsible for supporting the customer in cyber-threat hunting and associated investigations, and for performing hands-on investigations that require critical thinking and a broad understanding of multiple technologies. The incumbent will support development of presentations and reports to document findings, and will need good communication and interpersonal skills to convey findings tactfully at the technical proficiency level of the audience. This is an opportunity for a team player to enhance a world-class team and learn new skills.



  • Research, identify and document adversary models for actors that could have an interest in or target the supported organization/site (e.g. possible intelligence sources: MITRE ATT&CK/CAR, Sqrrl, ODNI and commercial/local/criminal/open-source intelligence (OSINT))

  • Assist in analysis tool development, configuration, implementation and use

  • Strategically place, configure and manage sensor technology

  • Advanced knowledge of traffic and packet analysis using tools like Wireshark, tcpdump, Splunk, ELK, Bro, RSA and others

  • Intermediate knowledge of common forensics techniques, frameworks, tools and capabilities (e.g. EnCase, Volatility, Forensic Toolkit (FTK))

  • Develop or follow existing data analytic techniques for correlation of advanced threat TTPs and indicators of compromise

  • Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)

  • Actively hunt for threats and indicators of compromise, and assist in investigations of cyber security incidents

  • Make extensive use of the main Microsoft Office tools (Word, Excel, PowerPoint and Visio) to prepare plans, reports, diagrams, tables, briefings, etc.

  • Be able to present, demonstrate, explain and document operational impact for intrusions or system compromise

  • Develop proof-of-concept examples and scenarios for reports and live demonstrations

  • Create/document tactics, techniques and procedures (TTPs) to train and expand/share knowledge with customers and team members

  • Critical thinking is a must


 


Qualifications



  • 2+ years of experience as a hands-on network/host analyst or incident response team member

  • Minimum of active SECRET clearance is required with ability to be cleared up to TS/SCI

  • Bachelor's degree in Engineering, Applied Science or similar technical discipline OR an additional 4 years combination of education, training, and experience

  • Must have a thorough knowledge beyond common network ports and protocols


Desired Qualifications



  • TS/SCI Clearance is preferred

  • Forensics experience is preferred

  • GCIA, GCFE, GCFA, GNFA, GCTI or GREM certifications are a plus


 


MPL Corporation offers an excellent benefits package. We are dedicated to providing the best possible economic and personal security for each employee.


MPL Corporation is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required.


Email resume to: accounting@mpl.com
