Senior Threat Hunt Analyst

About Us:

PUNCH Cyber Analytics Group (PUNCH) is a Virginia-based, small business founded in 2012 operating as a cohesive team that incorporates the sum of our group’s diverse skills, talents, and resources toward our collective passion: advancing data analytics to impact cyber operations. PUNCH is a two-time Inc. Magazine ‘Best Workplaces’ awardee offering unique benefits and personal touches to provide a positive work-life experience for our team. PUNCH brings unique qualifications, resources, and past-performance that make us suitable to address the goals of our diverse customer-base. Further, we have past and current experience supporting cyber operations and cyber ML-based research, with well over 100 years of collective experience from our collaborative, multi-disciplinary team.

Position Description:

PUNCH Cyber Analytics Group (PUNCH) is seeking a Threat Hunt Analyst and Security Operation Center Analysts to join our team. Must be a focused, self-motivated, detail-oriented, and communicative team member - capable of not only performing technical analysis and adversary tracking, but also active in sharing knowledge across the team. This is a remote position – must be comfortable communicating and collaborating with the team over virtual platforms (MS Teams, Slack) and be focused and self-motivated to achieve success.

The ideal candidate will have experience in incident response, threat hunting and threat intelligence.

Primary skills:

• 1-3 years work experience working in Security Operations Centers
• Experience using Splunk ES in an operational environment
• Background (formal or informal) in hands on computer and networking experience to include a good understanding of TCP/IP, routing, and major Internet protocols
• Strong desire and ability to learn and experiment with new technologies
• Must be able to work independently as well as in a team environment

• Experience tracking APT adversaries and network infrastructure
• Familiarity with concepts like diamond model, Att&ck framework, cyber kill chain a plus
• Prior experience with developing, tuning and refining novel and advanced hunting techniques
• Experience and exposure to using and administrating MISP for indicator management a plus
• Experience with a variety of data sets for hunting and analysis (Censys, Shodan, Virustotal, Passivetotal, Domaintools) a plus

Weekend and holiday work may be required.

Shift is a 4 days/10 Hour weekly schedule allowing for 3 days off per week.