Senior Threat Hunt Analyst

About Us:PUNCH Cyber Analytics Group (PUNCH) is a Virginia-based, small business founded in 2012 operating as a cohesive team that incorporates the sum of our group's diverse skills, talents, and resources toward our collective passion: advancing data analytics to impact cyber operations. PUNCH is a two-time Inc. Magazine 'Best Workplaces' awardee offering unique benefits and personal touches to provide a positive work-life experience for our team. PUNCH brings unique qualifications, resources, and past-performance that make us suitable to address the goals of our diverse customer-base. Further, we have past and current experience supporting cyber operations and cyber ML-based research, with well over 100 years of collective experience from our collaborative, multi-disciplinary team.Position Description:PUNCH Cyber Analytics Group (PUNCH) is seeking a Threat Hunt Analyst and Security Operation Center Analysts to join our team. Must be a focused, self-motivated, detail-oriented, About Us:PUNCH Cyber Analytics Group (PUNCH) is a Virginia-based, small business founded in 2012 operating as a cohesive team that incorporates the sum of our group's diverse skills, talents, and resources toward our collective passion: advancing data analytics to impact cyber operations. PUNCH is a two-time Inc. Magazine 'Best Workplaces' awardee offering unique benefits and personal touches to provide a positive work-life experience for our team. PUNCH brings unique qualifications, resources, and past-performance that make us suitable to address the goals of our diverse customer-base. Further, we have past and current experience supporting cyber operations and cyber ML-based research, with well over 100 years of collective experience from our collaborative, multi-disciplinary team.Position Description:PUNCH Cyber Analytics Group (PUNCH) is seeking a Threat Hunt Analyst and Security Operation Center Analysts to join our team. Must be a focused, self-motivated

and communicative team member - capable of not only performing technical analysis and adversary tracking, but also active in sharing knowledge across the team. This is a remote position - must be comfortable communicating and collaborating with the team over virtual platforms (MS Teams, Slack) and be focused and self-motivated to achieve success.The ideal candidate will have experience in incident response, threat hunting and threat intelligence.Primary skills:1-3 years work experience working in Security Operations CentersExperience using Splunk ES in an operational environmentBackground (formal or informal) in hands on computer and networking experience to include a good understanding of TCP/IP, routing, and major Internet protocolsStrong desire and ability to learn and experiment with new technologiesMust be able to work independently as well as in a team environmentExperience tracking APT adversaries and network infrastructureFamiliarity with concepts like diamond model, Att&ck framework, cyber kill chain a plusPrior experience with developing, tuning and refining novel and advanced hunting techniquesExperience and exposure to using and administrating MISP for indicator management a plusExperience with a variety of data sets for hunting and analysis (Censys, Shodan, Virustotal, Passivetotal, Domaintools) a plusWeekend and holiday work may be required.Shift is a 4 days/10 Hour weekly schedule allowing for 3 days off per week.#J-18808-Ljbffr *, detail-oriented, and communicative team member - capable of not only performing technical analysis and adversary tracking, but also active in sharing knowledge across the team. This is a remote position - must be comfortable communicating and collaborating with the team over virtual platforms (MS Teams, Slack) and be focused and self-motivated to achieve success.The ideal candidate will have experience in incident response, threat hunting and threat intelligence.Primary skills:1-3 years work experience working in Security Operations CentersExperience using Splunk ES in an operational environmentBackground (formal or informal) in hands on computer and networking experience to include a good understanding of TCP/IP, routing, and major Internet protocolsStrong desire and ability to learn and experiment with new technologiesMust be able to work independently as well as in a team environmentExperience tracking APT adversaries and network infrastructureFamiliarity with concepts like diamond model, Att&ck framework, cyber kill chain a plusPrior experience with developing, tuning and refining novel and advanced hunting techniquesExperience and exposure to using and administrating MISP for indicator management a plusExperience with a variety of data sets for hunting and analysis (Censys, Shodan, Virustotal, Passivetotal, Domaintools) a plusWeekend and holiday work may be required.Shift is a 4 days/10 Hour weekly schedule allowing for 3 days off per week.#J-18808-Ljbffr *