About Us: PUNCH Cyber Analytics Group (PUNCH) is a Virginia-based, small business founded in 2012 operating as a cohesive team that incorporates the sum of our group's diverse skills, talents, and resources toward our collective passion: advancing data analytics to impact cyber operations. PUNCH is a two-time Inc. Magazine 'Best Workplaces' awardee offering unique benefits and personal touches to provide a positive work-life experience for our team. PUNCH brings unique qualifications, resources, and past-performance that make us suitable to address the goals of our diverse customer-base. Further, we have past and current experience supporting cyber operations and cyber ML-based research, with well over 100 years of collective experience from our collaborative, multi-disciplinary team.
Position Description: PUNCH Cyber Analytics Group (PUNCH) is seeking a Threat Hunt Analyst and Security Operation Center Analysts to join our team. Must be a focused, self-motivated, detail-oriented, and communicative team member - capable of not only performing technical analysis and adversary tracking, but also active in sharing knowledge across the team. This is a remote position – must be comfortable communicating and collaborating with the team over virtual platforms (MS Teams, Slack) and be focused and self-motivated to achieve success.
The ideal candidate will have experience in incident response, threat hunting and threat intelligence.
Primary skills: 1-3 years work experience working in Security Operations Centers Experience using Splunk ES in an operational environment Background (formal or informal) in hands on computer and networking experience to include a good understanding of TCP/IP, routing, and major Internet protocols Strong desire and ability to learn and experiment with new technologies Must be able to work independently as well as in a team environment Experience tracking APT adversaries and network infrastructure Familiarity with concepts like diamond model, Att&ck framework, cyber kill chain a plus Prior experience with developing, tuning and refining novel and advanced hunting techniques Experience and exposure to using and administrating MISP for indicator management a plus Experience with a variety of data sets for hunting and analysis (Censys, Shodan, Virustotal, Passivetotal, Domaintools) a plus Weekend and holiday work may be required.
Shift is a 4 days/10 Hour weekly schedule allowing for 3 days off per week.