Data Exploiter; TS​/SCI Poly at GDIT Chantilly, Loudoun County, VA

Position:
Data Exploiter (TS/SCI with Poly Required)

GDIT, Chantilly, Loudoun County, VA.

Responsible for reviewing, manipulating, triaging, and analyzing large datasets and collections to support operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. Conducts assessments of software tools to identify vulnerabilities, collaborates with stakeholders to enhance analysis, and follows the full targeting life cycle.

• Track and monitor cyber actors, activities, and infrastructure to identify threats and vulnerabilities.
• Utilize commercial and open‑source tools for threat intelligence gathering.
• Conduct proactive threat hunting to uncover malicious activity, IOCs, and TTPs.
• Chain threat events across multiple data sources to build coherent narratives.
• Analyze network traffic, logs, and endpoints to identify malicious behaviors and anomalies.
• Develop actionable intelligence reports and briefings for technical and non‑technical stakeholders.
• Collaborate with incident response, SOC, and other security teams to correlate findings.
• Maintain knowledge of emerging cyber threats and adjust hunting techniques accordingly.
• Communicate threat findings through clear briefings and visualizations.

• Strong knowledge of cyber attack methodologies (e.g., MITRE ATT&CK, kill‑chain models).
• Strong knowledge of TCP/IP communications.
• Proficiency with commercial and open‑source threat intelligence tools: SIEM (Splunk, Elastic Stack); network traffic analysis tools (Zeek, Suricata, Wireshark); threat intelligence platforms (Threat Connect, Anomali); OSINT tools (Maltego, Shodan, Censys); EDR tools (Crowd Strike, Carbon Black); malware analysis tools (Virus Total, Hybrid Analysis).
• Strong analytical skills to identify patterns, anomalies, and relationships between threat events.
• Ability to articulate complex technical findings in clear briefings and reports.
• Strong written and verbal communication skills; experience briefing senior leadership and non‑technical stakeholders.
• Experience creating threat intelligence reports and providing actionable recommendations.

• Understanding of malware behaviors and reverse‑engineering concepts.
• Experience with automated threat hunting and scripting (Python, Power Shell).
• Familiarity with cloud environments (AWS, Azure) and associated cyber threats.
• Experience in a SOC or Incident Response role.
• Experience extracting foreign intelligence, counter‑intelligence, and targeting value from digital data.
• Experience producing products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs.

• Location:
  
  USA, VA – Chantilly
• Hours:
  
  40 per week
• Travel:
  None
• Telecommuting:
  Onsite
• Clearance:
  Must currently possess Top Secret SCI + Polygraph; must be able to obtain Top Secret SCI + Polygraph.
• US citizenship required.
• Salary range: $136,000 – $184,000 (subject to experience and location).

Equal opportunity employer. Individuals with disabilities. Protected veterans.