Cyber Analyst

Reports to | CTO
Location | D.C. Metro Region

Job Purpose

As a Cyber Analyst at WhiteHawk, you will support the Cyber Data Scientist with insight into specific systems, cyber operations, or applications. You will use big data techniques to assess and report outputs and help shape machine learning and processes to support technology development efforts.

Duties and Responsibilities

As a WhiteHawk Cyber Analyst, you will…

  1. Serve as an expert and work with the team to develop, analyze and report on how organizations and SOCs use tools and the output of all sensors: enterprise IT, ICS/SCADA, embedded systems, & physical systems

  2. Utilize semantic web and other big data techniques to categorize cyber solutions and bundles

  3. Work with clients to transform and interpret SIEM solutions and analytics related to SIEM data, e.g. sensor, log, threat, vulnerability, and other data needed to understand secure enterprise posture and provide situational awareness to stakeholders of the mission with SIEM tools like Splunk and ArcSight

  4. Develop solutions for clients to be able to proactively defend and keep the enterprise secure and in a trusted state

  5. Assess client communications and network protocols including the routing from heterogeneous sensor data sources


A WhiteHawk Cyber Analyst is a team player who is knowledgeable about cyber operations, solutions, and network security and who understands modeling techniques and data mining. You will have experience with and a deep understanding of business intelligence and real-time analytics. You should be comfortable with various statistical applications, and preferably several programming languages and SQL databases. You are independent, with a natural curiosity for finding the most interesting trends and correlations in the data.

As a Cyber Analyst with WhiteHawk you will have…

  1. A Bachelor's Degree in Computer Science, Cyber Security or related technical/engineering field

  2. Additional 4 years of experience to substitute in lieu of a degree

  3. Excellent writing skills with the ability to develop processes, procedures, and technical diagrams using Visio

  4. Experience in the following tasks/areas:

    1. Cyber threat and risk analysis including how to develop mitigations

    2. Processing threat and vulnerability data to provide SA to CSOC operators

    3. Determining the target and objective of the attack

    4. Exfiltration path(s) and mechanisms

    5. Network traffic, running applications, and process analytics

    6. Enterprise incident response and forensics

    7. Building and working with virtual machines (e.g. experience with VMware including vSphere)

  5. SysML, Unified Profile for DoDAF/MODAF (UPDM) experience preferred

  6. CISSP certification preferred

If this sounds like you, please send your cover letter and resume to [email protected]

We hope you will join us!