Data Exploiter (TS/SCI with Poly Required)

GCI embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry.

At GCI, we solve the hard problems. As a Data Exploiter, a typical day will include the following duties:

A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets and collections. Candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will be expected to conduct assessments of software tools and systems to identify vulnerabilities, and work with internal and external technical stakeholders to identify solutions to enrich analysis. Able to follow the entire targeting life cycle by engaging in data exploitation of requirements collection, data analysis, summary and documentation, and actionable information dissemination.  

KEY RESPONSIBILITIES  

    Track and monitor cyber actors, their activities, and infrastructure to identify potential threats and vulnerabilities.

    Utilize industry-standard commercial and open-source tools for threat intelligence gathering and analysis.

    Conduct proactive threat hunting to uncover malicious activity, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs).

    Chain cyber threat events across multiple data sources to build coherent threat narratives and timelines.

    Analyze network traffic, logs, and endpoints to identify malicious behaviors and anomalous activities.

   Develop actionable intelligence reports and briefings for both technical and non-technical stakeholders.

    Collaborate with incident response, SOC, and other security teams to correlate findings and provide context.

    Maintain an understanding of emerging cyber threats and trends, adjusting hunting techniques accordingly.

    Communicate threat findings and intelligence through clear, concise briefings and visualizations

 

EDUCATION AND EXPERIENCE

    Bachelor's degree in computer science, information technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience.

 

 

 

 

 

REQUIRED QUALIFICATIONS

    Strong knowledge of common cyber attack methodologies (e.g., MITRE ATT&CK, kill chain models).

    Strong knowledge of TCP/IP communications.

    Proficiency with commercial and open-source threat intelligence tools, such as: 

    SIEM (e.g., Splunk, Elastic Stack)

    Network traffic analysis tools (e.g., Zeek, Suricata, Wireshark)

    Threat intelligence platforms (e.g., ThreatConnect, Anomali)

    OSINT tools (e.g., Maltego, Shodan, Censys)

    Endpoint detection and response (EDR) tools (e.g., CrowdStrike, Carbon Black)

    Malware analysis tools (e.g., VirusTotal, Hybrid Analysis)

    Strong analytical skills to identify patterns, anomalies, and relationships between cyber threat events.

    Ability to articulate complex technical findings in clear, accessible briefings and reports.

    Strong written and verbal communication skills, with an emphasis on briefing senior leadership and non-technical stakeholders.

    Experience in creating threat intelligence reports and providing actionable recommendations.

 

DESIRED QUALIFICATIONS

    Understanding of malware behaviors and basic reverse engineering concepts.

    Experience with automated threat hunting and scripting (e.g., Python, PowerShell).

    Familiarity with cloud environments (e.g., AWS, Azure) and associated cyber threats.

    Experience in a Security Operations Center (SOC) or Incident Response role.

    Experience extracting information of foreign intelligence, counterintelligence and targeting value from digital data. 

    Experience producing products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs.

 

 

Salary Range $134,596-$224,764

 

 

 

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans