CISA Cyber Data Analyst (Threat Hunting)

Remote - United States

CRI Advantage, Inc.

Posted 1 month ago

CRI Advantage is looking for a remote Cyber Data Analyst to work on a Threat Hunting team in a Cyber Security Operations Technology Environment, analyzing data, securing critical systems, and using SIEM tools in support of overall data integrity and oversight.

Our team is part of a coordinated national effort to secure the nation's critical infrastructure from all natural and manmade hazards. We create and maintain interfaces and access for commercial, local, state and federal customers, including utilities, enabling them to conduct comprehensive vulnerability assessments and utilize infrastructure protection tools against cyber threats. This work is mission critical and CRI is proud to be building teams to help protect our nation.

The most crucial skills are Splunk and Snort, but the environment includes all of the following: Splunk, Docker, Ansible, SIEM, Gravwell, Linux, MITRE ICS (Industrial Control Systems), ELK, Bro/Zeek, SNORT and VM.

The client is the federal government and the work involves national security, so candidates must be US citizens. Clearances from DOE, DoD and DHS are maintained for the work. The work is remote.

Requirements

Splunk expertise to include:

Deploying network sensor systems and providing reliable threat and event data

Splunk engineering, assisting with architecture of Splunk instances, configuring Splunk search heads and indexers

Data normalization

Building a series of interconnected dashboards/an entire app

Transactions, and other complex search patterns/results.

Report acceleration, summary indexing, tstats.

Getting Splunk reports/data outside of Splunk and into other tools.

Data input filtering with regex/configs

Bro/Zeek engineering expertise

Solid working knowledge of SNORT and how to use it.

2+ years of Linux experience and/or Linux certification.

3+ years of Systems Engineering experience

Statistical Background would be helpful

Data Analytics would be helpful


Employee Job Functions

Employee Job Functions are physical actions and/or working conditions associated with the position. These functions may also constitute essential functions for the job position which the employee must be able to fulfill, with or without reasonable accommodation. The information provided below is to help describe the job so that the applicant has a reasonable understanding of the job duties/expectations. An applicant's ability to perform these actions will be discussed and workplace accommodations may be made on a case-by-case basis following an individualized assessment of the applicant and other considerations, including but not limited to any governing safety standards.

  1. Stooping, kneeling, crouching, turning and twisting - Never
  2. Ability to reach, feel and handle items – Occasionally
  3. Moving about to accomplish tasks or moving from one worksite to another - Never
  4. Moderate noise (i.e. business office with computers, phone, and printers, light traffic) - Constantly
  5. Repeating motions that may include the wrists, hands and/or fingers - Occasionally
  6. Operating motor vehicles - Never
  7. Physical Demands – Sedentary work that primarily involves sitting/standing
  8. Moving self in different positions to accomplish tasks in various environments including tight and confined spaces - Never
  9. Ability to sit at a computer terminal for an extended period of time - Constantly
  10. Adjusting or moving objects up to 25 pounds in all directions - Never
  11. Communicating with others to exchange information - Constantly
  12. Operating machinery and/or power tools - Never
  13. Regular, predictable attendance is required - Constantly



Benefits

Great things happen when you have the CRI Advantage!

CRI has a family-oriented company culture and is family-owned. Our management team believes employee growth is as important as company growth and offers many types of learning opportunities. We work on unique projects including supporting missions involving national security, energy research, law enforcement, transportation, and health and welfare. We are headquartered in Boise, ID with offices in Idaho Falls and DC. Our corporate mission from the very beginning has been to make a positive difference in people’s lives.

CRI Advantage provides flexible benefit packages to fit employee and family needs. Benefits are effective from the first day of employment.

  • Medical (PPO and HDHP plans), Dental, Vision, STD, LTD, Life and AD&D
  • Access to Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA)
  • Paid Time Off (PTO) accruals, Paid Holidays, and for some roles – sick leave
  • 401(k) with employer match
  • Employee Assistance Program (EAP)
  • Discount Rewards Program
  • Free technical and professional training with access to over 8,000 classes
  • Credit Union Membership
  • Employee Wellness Program


Job tags: Analytics Architecture CISA Docker ICS Industrial Linux SIEM Splunk