Linux Threat Hunter-TS/SCI with FS Poly

Location: Chantilly, VA US
Security Clearance Requirement: TS/SCI with Full Scope Polygraph
Clearance Status: Must be Current

JOB DESCRIPTION:
Inferno Systems is currently looking for proactive and self-motivated individuals for our Linux Threat Hunter positions. In this unique position, you will be working closely with deployed Linux servers dealing with data flows and collection of network data to write malware signatures using regular expressions (regex). This is a high-visibility position which enables you to demonstrate operational impact to senior management by identifying known malware, finding unique patterns and anomalies to discover new threat actors and taking operational actions to achieve mission requirements.

You should be comfortable working in a Linux (CentOS / Debian / Ubuntu) environment, using SSH and being able to conduct regular Linux system administration, configuration and maintenance tasks. You will be able to help improve existing Standard Operating Procedures (SOPs) and documentation.

You should have multiple years developing operational plans and gaining approval to execute them, briefing options and risks, understanding technical aspects of plans and collaborating across other offices and/or the IC as necessary. Occasional / infrequent domestic and international (non-warzone) travel may be requested but is not required. BS degree must be in a technical discipline OR may substitute three years of sponsor-specific experience for BS degree.

REQUIRED SKILLS:

• Experience with Linux (CentOS / Debian / Ubuntu) systems administration
• Ability to automate tasks through Bash / Perl / Python scripting
• Understanding of network layers, protocols and flows
• Familiarity with analyzing network traffic / PCAP data using open source, COTS and GOTS tools
• Using regular expressions (regex) to develop network signatures
• Experience planning / developing / executing HUMINT or SIGINT operations
• Understanding of computer networks and a familiarity with clandestine technical collection capabilities and field operations.
• Assist in reviewing, defining, and clarifying operational requirements.
• Assist in researching, analyzing, and recommending complex technical operational approaches, processes/procedures, and equipment/systems.
• Identify technical and operational constraints and methodologies and relate alternative solutions and risks.
• Develop routine proposals incorporating appropriate technical and operational issues into a plan based on consensus.
• Write correspondence and coordinate with participants regarding operational plans, vulnerability assessments, risk evaluations, possible remedies, or execution plans. When appropriate, prepare intelligence reports following guidelines.
• Ability to analyze the operational environment to identify appropriate equipment/systems required to meet operational needs.
• Devise new techniques by applying technical capabilities in innovative scenarios.
• Provide technical feedback to ongoing development activities.

DESIRED SKILLS

• Prior experience in penetration testing, red team operations, incident response or computer forensics.
• Experience with wireless communications protocols and technologies, including cellular, Wifi and bluetooth
• Previous overseas travel experience, including engaging with foreign partners.
• Ability to interact and communicate with individuals from diverse backgrounds and cultures and to convey technical information to non-technical individuals.
• Capable of handling stressful situations and demonstrated strong oral and written communications skills.
• Knowledge of complex geographic or functional areas or issues.
• Knowledge of collection capabilities & methods and the relationship of intelligence gaps.
• Knowledge of US Government policy issues as they relate to Internet law.
• Knowledge of methods used to protect and safeguard resources, operations, and equities, and operational security.
• Excellent interpersonal skills, sound judgment, good administrative and organizational skills.
• Knowledge of the process and techniques for recruiting.
• Knowledge writing methods and systems as well as policies and regulations.
• Technical certifications in penetration testing or cyber security such as SANS GIAC certifications (GPEN, GXPN, GCIH, GWAPT, GCFA, etc), Offensive Security (OSCP), Certified Ethical Hacker (CEH)
• General technical certifications such as CompTIA Network , Security , Linux

Job Type: Full-time

Pay: $175,000.00 - $300,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Professional development assistance
• Referral program
• Tuition reimbursement
• Vision insurance

Schedule:

• 8 hour shift

Application Question(s):

• Do you have an active Top Secret/SCI Security Clearance with a Full Scope Polygraph? Unfortunately we cannot accept applications without this clearance.

Work Location: In person

Salary : $175,000 - $300,000