Enterprise - Cyber Analyst - Big Data, SIEMs, Python . Meade, MD Branch MD - LIT

Erias Ventures was founded to serve its customers with an entrepreneurial mindset. We value creative problem-solving
, open communication
, and empowering our employees to make decisions and put forth new ideas. Our staff includes technical experts working across multiple disciplines, bringing diverse perspectives to every project. We are seeking engineers who wish to grow their careers and want to become part of a technically strong and growth-oriented company focused on bringing innovative solutions to the difficult mission problems facing our customers.

We are seeking a Product Champion to apply strong cyber security, data science, Defensive Cyber Operations (DCO), and networking domain knowledge to support cyber operational teams with leveraging intelligence and coordination applications and tools. Regular cyber hunt activities consist of hunting for threats, reporting on findings, and converting tools, techniques, and processes into automated capabilities for the current cyber platform. Regular data science activities consist of operational research, statistical analysis, hypothesis testing, model building/testing, and communicating results using visualizations.

Will also be responsible for collecting customer Cyber Operations requirements, generating use cases, and system training to end users.

• Champion Threat Awareness Sharing Capability (TASC) suite of applications
• Conduct threat hunt operations on assigned Big Data Platform(s) – BDP (JCRS‑D)
• Present threat hunt findings through live‑interactive sessions either in person or remote
• Assist customer(s) with their threat hunting operations
• Collaborate with customers to define requirements and operational gaps to maximize satisfaction
• Serve as an advisor to the customer on data enrichment and functions to enhance customer experience
• Perform quality assurance checks on data that is resident on the platform
• Evaluate and analyze new or potential data feeds to determine relevance and usability of data for customer(s)
• Support analytic requests (data query search, visualizations, dashboards, etc.)
• Leverage advanced statistical modeling to uncover hidden patterns and translate them into intuitive, customer‑facing visualizations
• Synthesize diverse data streams into coherent data products that help customers visualize their progress and identify new opportunities
• Provide real time customer support during normal working hours
• Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s)
• Provide documentation on data feeds and deliverables
• Support demonstration requests to showcase various capabilities of the platform
• Additional duties as assigned

A current TS/SCI U.S. Government Security Clearance is required; U.S. Citizenship required.

Minimum of nine plus (9+) years experience in cyber security operations related fields with Bachelors in Information Technology, Cyber Security or related field; seven (7) years relevant experience with Masters in related field; or High School Diploma or equivalent and thirteen (13) years relevant experience.

• Experience with the DoW customers, ideally supporting US Cyber Command, DISA or DCDC, or Service Cyber Components
• Experience with BDP (JCRS‑D) and JCC2 Applications
• Presenting analysis to stakeholders of varying data knowledge levels
• Proficient in various query languages (SQL, KQL (Kusto))
• Python experience, and bonus for experience using Jupyter notebooks
• Experience with dashboarding/visualizations (Power‑Bi, Superset)
• Familiarity with cloud providers and environments (Azure, AWS, Google Cloud Platform)
• Cyber Hunt methodologies and techniques
• SIEMs - (e.g., Splunk, Q‑Radar, ELK)
• SOARs (e.g., Sentinel, CORTEX, X‑SOAR)
• Developing and deploying threat detection signatures
• Collecting data from a variety of cyber defense resources. (e.g., CVE, OSINT)
• Recognizing and categorizing types of vulnerabilities and associated attacks
• Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YAML)
• Network traffic analysis methods (e.g.,TCP‑DUMP, Wireshark, Zeek)
• Familiar with cyber attack stages (MITRE ATT&CK), and incident response and handling…