Threat Hunter / Public Trust
Peraton, Warrenton, VA, United States
Minimum Requirements
Bachelor’s degree and 5 years of experience, or 3 years of experience with a Master’s.
An additional 4 years of experience will be considered in lieu of a degree.
Demonstrated experience in threat hunting or network/cloud forensics.
Proven ability to develop and recommend corrective actions.
Expertise, knowledge, and experience integrating new architectural analysis of cyber security features.
Comfortable interfacing with external entities including law enforcement, intelligence, and other government organizations and agencies.
U.S. citizenship is required.
Active Public Trust security clearance required.
Willingness and ability to travel 10-25%.
Preferred
Experience using Databricks.
Experience using Artificial Intelligence (AI) and large language models (LLMs).
Possess one of the following certifications: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP.
Ability to create, troubleshoot, configure, and operate complex scripting solutions with the ability to output the results in a variety of formats (e.g., HTML, XML, etc.) and to re-purpose the results for reports targeting different technical levels (e.g., other analysts, management, etc.).
Peraton is seeking a Threat Hunter to become part of Federal Strategic Cyber Mission programs.
Location: Warrenton, VA; must be local to the work location.
Responsibilities
Conduct technical analysis of network traffic to identify anomalies, which may represent potentially malicious activity, and document the analysis in prescribed formats.
Monitor and understand emerging threats, define the technical vulnerabilities and exploits that could present a threat to government networks, perform analysis on the emerging capabilities/exploits, and document the analysis in prescribed formats.
Monitor IDS/IPS alerts, analyze associated network traffic, and document the analysis in prescribed formats.
Report detected incidents to agency, work toward resolution, and escalates when required according to SOP.
Develop detection signatures based on indicators and analysis.
Test detection signatures to determine successful detection and level of false positives.
Deploy detection signatures based on SOPs.
Conduct technical analysis of data from partners, constituents, and monitoring systems to understand the nature of attacks, threats, and vulnerabilities.
Assist with the development of mitigation strategies.
Deploy to provide on-site support and assistance in the event of an exercise or cyber incident.
Identify and document network‑based tactics, techniques, and procedures used by an attacker to gain unauthorized system access.
Participate in inter‑agency sponsored community of interest analysis groups, technical briefings, and exchanges.
#J-18808-Ljbffr
Bachelor’s degree and 5 years of experience, or 3 years of experience with a Master’s.
An additional 4 years of experience will be considered in lieu of a degree.
Demonstrated experience in threat hunting or network/cloud forensics.
Proven ability to develop and recommend corrective actions.
Expertise, knowledge, and experience integrating new architectural analysis of cyber security features.
Comfortable interfacing with external entities including law enforcement, intelligence, and other government organizations and agencies.
U.S. citizenship is required.
Active Public Trust security clearance required.
Willingness and ability to travel 10-25%.
Preferred
Experience using Databricks.
Experience using Artificial Intelligence (AI) and large language models (LLMs).
Possess one of the following certifications: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP.
Ability to create, troubleshoot, configure, and operate complex scripting solutions with the ability to output the results in a variety of formats (e.g., HTML, XML, etc.) and to re-purpose the results for reports targeting different technical levels (e.g., other analysts, management, etc.).
Peraton is seeking a Threat Hunter to become part of Federal Strategic Cyber Mission programs.
Location: Warrenton, VA; must be local to the work location.
Responsibilities
Conduct technical analysis of network traffic to identify anomalies, which may represent potentially malicious activity, and document the analysis in prescribed formats.
Monitor and understand emerging threats, define the technical vulnerabilities and exploits that could present a threat to government networks, perform analysis on the emerging capabilities/exploits, and document the analysis in prescribed formats.
Monitor IDS/IPS alerts, analyze associated network traffic, and document the analysis in prescribed formats.
Report detected incidents to agency, work toward resolution, and escalates when required according to SOP.
Develop detection signatures based on indicators and analysis.
Test detection signatures to determine successful detection and level of false positives.
Deploy detection signatures based on SOPs.
Conduct technical analysis of data from partners, constituents, and monitoring systems to understand the nature of attacks, threats, and vulnerabilities.
Assist with the development of mitigation strategies.
Deploy to provide on-site support and assistance in the event of an exercise or cyber incident.
Identify and document network‑based tactics, techniques, and procedures used by an attacker to gain unauthorized system access.
Participate in inter‑agency sponsored community of interest analysis groups, technical briefings, and exchanges.
#J-18808-Ljbffr