Description

• Lead advanced incident detection, response, and escalation support for high-severity cyber events.
• Perform proactive threat hunting using behavioral analytics, SIEM correlation, and threat intelligence.
• Conduct deep-dive forensic investigations, including host, network, and malware analysis.
• Correlate data across SIEM, endpoint, network, cloud, and threat intel sources to identify attack patterns.
• Develop and refine detection rules, analytics, and SIEM use cases to improve alert fidelity.
• Provide technical mentorship and guidance to Tier 1 and Tier 2 analysts.
• Integrate cyber threat intelligence with operational analysis, including nation-state and advanced persistent threat (APT) activity.
• Support M-21-31 logging maturity initiatives, including log validation, correlation, and visibility improvements.
• Contribute to automation and detection engineering efforts (scripts, playbooks, orchestration).
• Collaborate with federal stakeholders (e.g., CISA, US-CERT) during major incidents.

• Bachelor’s degree in cybersecurity, IT, or related field.
• 8+ years of experience in incident response, threat hunting, malware analysis, or cyber forensics.
• Deep expertise in:
• SIEM platforms and log analysis
• Network traffic and packet analysis
• Intrusion detection/prevention systems
• Malware analysis (static/dynamic)
• Experience with threat intelligence integration and analysis.
• Strong knowledge of NIST, FISMA, EO 14028, and M-21-31 logging requirements.

• Analytical depth and critical thinking
• Advanced cyber threat detection
• Mentorship and technical leadership
• Cross-domain data correlatio