Cybersecurity Data Analyst jobs in United States

Hunter Strategy · 2 months ago

Cybersecurity Data Analyst

Hunter Strategy is a company focused on technical project delivery, treating customers as mission partners. They are seeking a Cybersecurity Data Analyst to support federal cybersecurity assessment and compliance initiatives, where the analyst will be responsible for querying and analyzing large datasets, performing statistical analysis, and supporting compliance activities.

GovTech · Information Technology · Military · Software · Software Engineering
Growth Opportunities
No H1B · U.S. Citizen Only

Responsibilities

Author Splunk SPL queries from scratch to interrogate large datasets and identify trends, anomalies, and deviations
Develop queries to answer specific questions about network behavior, user activity patterns, and security events (e.g., identifying unusual login times, isolating anomalies, detecting irregular patterns)
Support the aggregation and analysis of cybersecurity assessment data to evaluate organizational cybersecurity posture
Monitor cybersecurity assessment data flows and recommend quality improvement initiatives
Perform statistical analyses on large (including massive) datasets—such as computing standard deviations, percentages, trends, anomalies, and deviations
Analyze activity patterns to determine what falls outside normal parameters (e.g., percentage of users logging in during off-hours, frequency of unusual access times)
Identify baseline behaviors and flag deviations that may indicate security concerns
Turn complex data into actionable insights that enhance cybersecurity effectiveness
Conduct (perform, not just monitor) federal cybersecurity compliance assessments measuring adherence to NIST 800-53 Rev. 4 or newer
Perform FISMA compliance assessments and support Risk Management Framework (RMF) activities
Execute compliance-related tasks such as vulnerability scanning analysis, patch management statistics, or security control validation
Develop mappings between existing controls and assessment metrics
Document compliance findings and provide actionable recommendations to stakeholders
Support authorization processes and continuous monitoring activities
Identify and map data flows within enterprise networks to support assessment and analysis activities
Conduct event log analysis to determine telemetry, sequences of events, impacts, threats, and mitigation or recovery steps
Use the MITRE ATT&CK Framework to support threat hunting and detection-building in Splunk (preferred)
Provide data-driven insights and recommendations to improve cybersecurity posture

Qualification

Splunk SPL query development · Statistical analysis · Federal compliance assessments · Event log analysis · Data flow mapping · Customer relationship skills · Communication skills

Required

Demonstrated ability to author Splunk SPL queries from scratch—not just consume dashboards or follow pre-formatted playbooks
Must be able to conceive of the syntax needed to ask Splunk to identify specific things (e.g., writing original queries to detect unusual login times, isolate anomalies, or identify irregular patterns)
Experience using Splunk as a primary tool for data interrogation and analysis
At least 1 year of experience performing statistical analysis on large or massive datasets
Demonstrated ability to conduct statistical analysis including identifying standard deviations, calculating percentages, and interpreting trends without AI-assisted tools
Experience analyzing patterns to determine what constitutes unusual behavior (e.g., determining baseline activity and identifying outliers)
Minimum 2 years of experience conducting (performing, not monitoring) federal cybersecurity compliance assessments measuring compliance with NIST 800-53 Rev. 4 or newer
Minimum 2 years of experience performing FISMA compliance assessments
Hands-on experience executing compliance-related tasks (such as vulnerability scanning analysis, patch management statistics, security control testing)
Minimum 2 years in a customer-facing role, with experience assessing compliance, documenting findings, and providing actionable recommendations
Experience identifying and mapping enterprise data flows
Experience with event log analysis and SIEM tools (Splunk primary)
Active Public Trust Clearance or the ability to obtain a Government Security Clearance

Preferred

Experience as a Tier II SOC Analyst or Hunt Team member—professionals who routinely take large datasets like log files and seek unusual patterns
Experience using tools like Tenable Nessus for compliance scanning, with statistical analysis of patching and scanning results (e.g., percentage patched, percentage not 'seen' by scanner, percentage that won't accept patches)
Experience with the MITRE ATT&CK Framework
Working knowledge of large-scale or distributed data and analytics solutions such as Apache Spark, Hadoop, Azure Data Lake, or similar tools
At least 3 years of experience in network operations or cybersecurity, with at least 1 year focused on data analysis
Experience supporting Risk Management Framework (RMF) processes and authorization activities
Familiarity with additional compliance frameworks (e.g., FedRAMP, CMMC, NIST CSF)
Strong communication and customer relationship skills

Company

Hunter Strategy

Helping The Government Get IT Right.

Funding

Current Stage
Growth Stage

Leadership Team

Jeff Segal
Chief Technology Officer & Managing Partner
Andrew King
Chief Information Security Officer
Company data provided by crunchbase