Cybersecurity Data Analyst at Hunter Strategy | Torre
warning

Heads-up

The job you’re trying to post already exists in Torre:

Cybersecurity Data Analyst

You'll secure federal missions by transforming complex cybersecurity data into actionable insights.
Emma highlights
This highlight was written by Emma’s AI. Ask Emma to edit it.
Full-time

Legal agreement: Employment

Provide your expected compensation while applying
location_on
Remote (for United States residents)
Match
skeleton-gauges
You have opted out of job matches in .
To undo this, go to the 'Skills and Interests' section of your preferences.
Review preferences
Posted 5 months ago

Requirements and responsibilities


About Hunter StrategyHunter Strategy has a unique philosophy to technical project delivery. We treat all our customers like mission partners because they rely on our team to meet their objectives through complex software engineering, cloud operations, and cyber risk management solutions. Hunter Strategy was founded on the premise that IT is 21st century infrastructure - critically important but only instrumentally valuable. Accordingly, our teams look at problems with a single objective: the identification and enablement of the right capability to address tomorrow's challenges today.Hunter Strategy is seeking a Cybersecurity Data Analyst/GRC SME to support federal cybersecurity assessment and compliance initiatives. The analyst will play a critical role in querying and analyzing large cybersecurity datasets using Splunk, performing statistical analysis to identify trends and anomalies, and supporting compliance activities. This role requires demonstrated hands-on experience authoring Splunk SPL queries from scratch, strong statistical analysis capabilities, and practical experience performing (not just monitoring) compliance-related tasks.Key ResponsibilitiesSplunk Query Development & Data Analysis (Primary Focus)Author Splunk SPL queries from scratch to interrogate large datasets and identify trends, anomalies, and deviationsDevelop queries to answer specific questions about network behavior, user activity patterns, and security events (e.g., identifying unusual login times, isolating anomalies, detecting irregular patterns)Support the aggregation and analysis of cybersecurity assessment data to evaluate organizational cybersecurity postureMonitor cybersecurity assessment data flows and recommend quality improvement initiativesStatistical AnalysisPerform statistical analyses on large (including massive) datasets—such as computing standard deviations, percentages, trends, anomalies, and deviationsAnalyze activity patterns to determine what falls outside normal parameters (e.g., percentage of users logging in during off-hours, frequency of unusual access times)Identify baseline behaviors and flag deviations that may indicate security concernsTurn complex data into actionable insights that enhance cybersecurity effectivenessNote: Use of AI-assisted tools (e.g., ChatGPT) is prohibitedCompliance & GRC ActivitiesConduct (perform, not just monitor) federal cybersecurity compliance assessments measuring adherence to NIST 800-53 Rev. 4 or newerPerform FISMA compliance assessments and support Risk Management Framework (RMF) activitiesExecute compliance-related tasks such as vulnerability scanning analysis, patch management statistics, or security control validationDevelop mappings between existing controls and assessment metricsDocument compliance findings and provide actionable recommendations to stakeholdersSupport authorization processes and continuous monitoring activitiesAdditional Technical ActivitiesIdentify and map data flows within enterprise networks to support assessment and analysis activitiesConduct event log analysis to determine telemetry, sequences of events, impacts, threats, and mitigation or recovery stepsUse the MITRE ATT&CK Framework to support threat hunting and detection-building in Splunk (preferred)Provide data-driven insights and recommendations to improve cybersecurity postureRequired QualificationsSplunk Expertise (Critical Requirement)Demonstrated ability to author Splunk SPL queries from scratch—not just consume dashboards or follow pre-formatted playbooksMust be able to conceive of the syntax needed to ask Splunk to identify specific things (e.g., writing original queries to detect unusual login times, isolate anomalies, or identify irregular patterns)Experience using Splunk as a primary tool for data interrogation and analysisStatistical Analysis CapabilityAt least 1 year of experience performing statistical analysis on large or massive datasetsDemonstrated ability to conduct statistical analysis including identifying standard deviations, calculating percentages, and interpreting trends without AI-assisted toolsExperience analyzing patterns to determine what constitutes unusual behavior (e.g., determining baseline activity and identifying outliers)Compliance & GRC ExperienceMinimum 2 years of experience conducting (performing, not monitoring) federal cybersecurity compliance assessments measuring compliance with NIST 800-53 Rev. 4 or newerMinimum 2 years of experience performing FISMA compliance assessmentsHands-on experience executing compliance-related tasks (such as vulnerability scanning analysis, patch management statistics, security control testing)Minimum 2 years in a customer-facing role, with experience assessing compliance, documenting findings, and providing actionable recommendationsAdditional RequirementsExperience identifying and mapping enterprise data flowsExperience with event log analysis and SIEM tools (Splunk primary)Active Public Trust Clearance or the ability to obtain a Government Security ClearanceNice-to-Have QualificationsPreferred ExperienceExperience as a Tier II SOC Analyst or Hunt Team member—professionals who routinely take large datasets like log files and seek unusual patternsExperience using tools like Tenable Nessus for compliance scanning, with statistical analysis of patching and scanning results (e.g., percentage patched, percentage not seen by scanner, percentage that won't accept patches)Experience with the MITRE ATT&CK FrameworkWorking knowledge of large-scale or distributed data and analytics solutions such as Apache Spark, Hadoop, Azure Data Lake, or similar toolsBackgroundAt least 3 years of experience in network operations or cybersecurity, with at least 1 year focused on data analysisExperience supporting Risk Management Framework (RMF) processes and authorization activitiesFamiliarity with additional compliance frameworks (e.g., FedRAMP, CMMC, NIST CSF)Strong communication and customer relationship skillsNote on Qualifications: Certifications and formal education are not required for this position. We prioritize demonstrated hands-on experience with Splunk SPL query development, statistical analysis capability, and practical compliance execution experience.
Optionally, you can add more information later (benefits, pre-screening questions, etc.)
check_circle

Payment confirmed

A member of the Torre team will contact you shortly

In the meantime, continue adding information to your job opening.