Type of Requisition:PipelineClearance Level Must Currently Possess:Interim SecretClearance Level Must Be Able to Obtain:SecretSuitability:No Suitability RequiredPublic Trust/Other Required:Job Family:Cyber SecurityJob Description:Job DescriptionProgram Description: Serves as a Senior Cyber Threat Hunter and Researcher in support of a major federal client. This organization provides services that analyze and produce enhanced cyber security and threat intelligence information to include threats and potential threats to the customers information and information systems; provides timely and relevant technical analysis to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for the delivery of written and oral briefings to stakeholders and community partners across the Foreign Affairs community.Functional Duties:The Cyber Threat Hunter and Researcher will support the customers overall cyber threat analysis efforts. Performs advanced analysis of adversary tradecraft, malicious code, and Advance Persistent Threat capabilities. Analyzes computer, communication, network security events and exploits to determine security vulnerabilities and recommend remedial actions. Conducts forensic, malicious code, and packet-level analyses to develop comprehensive technical reports stepping through complete reverse engineering of incidents. Recommends countermeasures based on the identified techniques, tactics, procedures, and behavior patterns used by adversaries. This role is also responsible for developing alert criteria to improve incident response capabilities; as well as, contributes to development, writing, and reviewing of SOPs.Candidate should possess experience with and knowledge of cyber threat and/or intelligence analysis. Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.Qualifications:Candidates MUST possess an active secret clearance and be eligible to obtain a Top Secret.Education:A Bachelors Degree in Computer Science, Information Systems, Engineering, Telecommunications, or other related scientific or technical discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree.Certifications Desired: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), Certified Ethical Hacker (CEH), Encase Certified Examiner (ENCE)General Experience: 5-7 years of experience advanced technical analysis with increasing responsibilities. Demonstrated oral and written communications skills.Good working knowledge of cyber threat analyticsPrevious experience working in cross functional and interdisciplinary project teams to achieve tactical and strategic objectivesProven ability to document and teach team members how to apply advanced analytic techniques to solve complex problemsSolid understanding of enterprise IT cybersecurity operational environmentsSpecialized Experience:Five years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in similar skill in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skillThree years of experience in intelligence or technical analysis with a focus on cyber threat analysis.Experience analyzing emerging technologies for potential attach vectors and developing mitigation strategiesAbility to evaluate offensive and intelligence-based threat actors based on motivation and common TTPsExperience with gathering open-source and controlled intelligence to develop predictive understanding of adversarial strategies, priorities, and overlapping interestsDemonstrated expertise in deploying and maintaining open source network security monitoring and assessment toolsExperience writing contract deliverables such as Event Bulletins, Cyber Digests, and Quarterly Summary ReportsScheduled Weekly Hours:40Travel Required:Less than 10%Telecommuting Options:Telecommuting Not AllowedWork Location:USA VA RosslynAdditional Work Locations:We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.