Key Facts

Remote From:

Full time

Senior (5-10 years)

English

Hard Skills

Security Operations (SecOps) Threat Assessment Splunk Incident Response Analytics Usage Tracking Internet Protocols Suite Microsoft Networking MITRE ATT&CK Framework Ceros (Software) +1 more

Other Skills

•
Detail Oriented
•
Self-Motivation
•
Teamwork
•
Communication

Roles & Responsibilities

1-3 years of experience in Security Operations Centers.
Experience with Splunk ES in an operational environment.
Hands-on computer and networking skills, including TCP/IP and Internet protocols.
Strong motivation to learn new technologies and work independently.

Requirements:

Perform technical analysis and adversary tracking.
Share knowledge and collaborate with team members remotely.
Contribute to threat hunting and incident response activities.
Develop and refine advanced hunting techniques.

Job description

About Us:

PUNCH Cyber Analytics Group (PUNCH) is a Virginia-based, small business founded in 2012 operating as a cohesive team that incorporates the sum of our group’s diverse skills, talents, and resources toward our collective passion: advancing data analytics to impact cyber operations. PUNCH is a two-time Inc. Magazine ‘Best Workplaces’ awardee offering unique benefits and personal touches to provide a positive work-life experience for our team. PUNCH brings unique qualifications, resources, and past-performance that make us suitable to address the goals of our diverse customer-base. Further, we have past and current experience supporting cyber operations and cyber ML-based research, with well over 100 years of collective experience from our collaborative, multi-disciplinary team.

Position Description:

PUNCH Cyber Analytics Group (PUNCH) is seeking a Threat Hunt Analyst and Security Operation Center Analysts to join our team. Must be a focused, self-motivated, detail-oriented, and communicative team member - capable of not only performing technical analysis and adversary tracking, but also active in sharing knowledge across the team. This is a remote position – must be comfortable communicating and collaborating with the team over virtual platforms (MS Teams, Slack) and be focused and self-motivated to achieve success.

The ideal candidate will have experience in incident response, threat hunting and threat intelligence.

Primary skills:

1-3 years work experience working in Security Operations Centers
Experience using Splunk ES in an operational environment
Background (formal or informal) in hands on computer and networking experience to include a good understanding of TCP/IP, routing, and major Internet protocols
Strong desire and ability to learn and experiment with new technologies
Must be able to work independently as well as in a team environment

Experience tracking APT adversaries and network infrastructure
Familiarity with concepts like diamond model, Att&ck framework, cyber kill chain a plus
Prior experience with developing, tuning and refining novel and advanced hunting techniques
Experience and exposure to using and administrating MISP for indicator management a plus
Experience with a variety of data sets for hunting and analysis (Censys, Shodan, Virustotal, Passivetotal, Domaintools) a plus

Weekend and holiday work may be required.

Shift is a 4 days/10 Hour weekly schedule allowing for 3 days off per week.

Ready to apply?

APPLY

Share ·