Peraton seeks a Cyber Threat Hunt Analyst to support the Active Defense Team in the ARCYBER G36. Location: Fort Eisenhower, GA

Tasks:

• Analyze and interpret cyber incident reports and intelligence to understand malicious cyber activity, leveraging in-depth knowledge of frameworks for understanding and detecting adversarial TTPs
• Develop SIEM-based analytics and correlation rulesets to identify adversaries' behaviors, goals, and methods, and pinpoint gaps within the security boundary that adversaries may or are exploiting
• Develop sophisticated data models to streamline the threat hunting process and enhance data processing efficiency, utilizing experience with data analysis or statistical approaches to solve problems
• Maintain and update knowledge management solutions, including Microsoft Power Platform applications and SharePoint portals, to ensure accurate and up-to-date information is available for analysis and reporting
• Utilize advanced data visualization techniques to present complex data sets in an accessible and understandable manner, and communicate complex cybersecurity insights through briefings, reports, and visualization tools to non-technical audiences

Required:

• Minimum of 8 years with a BS/BA, 6 years with MS/MA, or 3 years with PhD. Will consider HS+12 years of experience.
• DoD 8570 "IAT Level II", and "CSSP Analyst" certification at start of employment; certification(s) must be maintained throughout time filling this position
• Active TS/SCI w/Poly and ability to obtain MEAD.
• U.S Citizen

Desired:

• In-depth knowledge of cyberspace threat frameworks, such as MITRE ATT&CK® Enterprise, for understanding and detecting adversarial TTPs (as defined by ATT&CK), with the ability to correlate and analyze data to determine threat activity/intent
• The ability to understand and interpret intelligence data at an expert level for use in hypothesis driven cyber threat hunt activities
• In depth knowledge of host and network-based logging, including the ability to analyze and interpret log data and correlate information from various sources to fully understand and describe activity to identify potential threats and then communicate those findings through contract deliverables to Peraton's customer
• Fluency in reading/writing SIEM-based analytics to detect malicious cyber activity using languages such as Kusto Query Language, Kibana Query Language, Structured Query Language, and Lucene
• The ability to read and write various programming/scripting languages such as Python, PowerShell, BASH, and Visual Basic
• Ability to communicate complex cyber-related information to non-technical audiences in a clear and concise manner
• Experience with low-code automation platforms such as Power Automate and Power Apps

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and eligible to participate in an attractive bonus plan.