Job Description

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™

ASRC Federal is seeking a highly skilled and experienced Cyber Defense Analyst (Threat Hunter) to join our dynamic team. The successful candidate will perform robust network security monitoring and proactively identify potential threats across our enterprise infrastructure. This role is critical for defending mission systems, conducting in-depth traffic and vulnerability analysis, and maintaining a strong security posture in support of Department of Defense (DoD) missions. This position will support our DCSA Contract based in Quantico VA.
Remote flexibility available! Telework offered with a requirement to be onsite up to two (2) days a week at Quantico Marine Corps Base VA.

The Cyber Defense Analyst (Threat Hunter) is a vital role responsible for performing comprehensive network security monitoring and proactive threat hunting. This position focuses on safeguarding the network through continuous traffic analysis, vulnerability and wireless scanning, and leveraging enterprise tools such as Splunk, CrowdStrike, and Endpoint Security Suite (ESS). The Analyst will collaborate with cross-functional IT and security teams to implement Information Assurance Vulnerability Management (IAVM) programs, manage Network Access control, provide insider threat support, monitor data at rest, and review web content filtering. Additional duties may include the maintenance and upkeep of various cybersecurity applications and tools installed on servers and workstations to maintain high operational readiness.
Minimum Requirements:
• At least two (2) Years – Hands-on technical cybersecurity experience and knowledge of Computer Network Defense concepts, DISA Security Technical Information Implementation Guides, DoD A&A Process, NIST SP 800-53, NIST SP 800-61, CJCSM 6510.01 B, United States Cyber Command guidelines, and other applicable DoD Cyber Security and Computer Network Defense policies.
• Active Secret Clearance REQUIRED, eligible to be upgraded to TS/SCI.
• Bachelor's degree in Information Technology, Information Systems Management, Cybersecurity, or equivalent experience required. Relevant military experience may be considered in lieu of a degree.
• Must meet 8570 certification requirements at the time of hire. IAT Level II (e.g., CCNA Security, CySA +, GICSP, GSEC, Security+, SSSP or a CSSP Auditor Certification CEH, CISA, GSNA is preferred).
Required Skills:
• Log Analysis & Threat Identification: Experience analyzing log files from network traffic logs, firewall logs, IDS logs, DNS logs and ESS to identify possible security threats (e.g., determine rogue systems, infected systems, unauthorized system changes, and unauthorized hardware connections).
• Policy Enforcement: Ability to identify violations of internet access by reviewing web content filtering logs in accordance with DoD policy, and Standard Operating Procedures (SOPs).
• Task Management: Experience in processing and handling JFHQ DODIN Cyber related tasks to completion.
• Proactive Threat Hunting: Performance of threat hunting activities using DoD approved cyber tools through data hunting, manipulation, and presentation, including generating queries and reports for management and the end-customer.
• Incident Assessment: Validation and confirmation of critical security events and assessing the impact of the event, by incorporating data from multiple tool sources.
• Investigation & Forensics: Identifying evidence of illegal activity involving cybercrime offenses and examining computers that may have been involved in other types of crime or malware infection.
• Malware Analysis: Use of forensic tools and investigative methods to find specific electronic data, namely associated with performing complex malware analysis.
• Process Documentation: Experience developing and maintaining SOPs for security monitoring.
• Reporting: Provide daily/weekly/monthly reports to senior leadership on key indicators of network security.
Work Environment and Physical Demands:
• This is primarily a Telework position with a requirement to be onsite up to two (2) days a week.
• If alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connection.
• Must be able to communicate complex technical ideas to a diverse customer base both verbally and in written form.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law. The salary offered will depend on several factors including, but not limited to, relevant experience, skills, education, geographic location, internal equity, business needs, and other factors permitted by law. Posted pay ranges are a general guideline only and are not a guarantee of compensation or salary.

EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.