Assessment Data Analyst
JOB SUMMARY
Roles
Job details
About Hunter Strategy

Hunter Strategy has a unique philosophy to technical project delivery. We treat all our customers like mission partners because they rely on our team to meet their objectives through complex software engineering, cloud operations, and cyber risk management solutions. Hunter Strategy was founded on the premise that IT is 21st century infrastructure - critically important but only instrumentally valuable. Accordingly, our teams look at problems with a single objective: the identification and enablement of the right capability to address the most vexing problems our Mission Partners face. We continue to support our partners' success by leveraging the right technology, with the right plan, and the right team to address tomorrow's challenges today.

Hunter Strategy is seeking a Cybersecurity Data Analyst/GRC SME to support federal cybersecurity assessment and compliance initiatives.
The analyst will play a critical role in querying and analyzing large cybersecurity datasets using Splunk, performing statistical analysis to identify trends and anomalies, and supporting compliance activities.
This role requires demonstrated hands-on experience authoring Splunk SPL queries from scratch, strong statistical analysis capabilities, and practical experience performing (not just monitoring) compliance-related tasks.

Key Responsibilities

Splunk Query Development & Data Analysis (Primary Focus)
- Author Splunk SPL queries from scratch to interrogate large datasets and identify trends, anomalies, and deviations
- Develop queries to answer specific questions about network behavior, user activity patterns, and security events (e.g., identifying unusual login times, isolating anomalies, detecting irregular patterns)
- Support the aggregation and analysis of cybersecurity assessment data to evaluate organizational cybersecurity posture
- Monitor cybersecurity assessment data flows and recommend quality improvement initiatives

Statistical Analysis
- Perform statistical analyses on large (including massive) datasets—such as computing standard deviations, percentages, trends, anomalies, and deviations
- Analyze activity patterns to determine what falls outside normal parameters (e.g., percentage of users logging in during off-hours, frequency of unusual access times)
- Identify baseline behaviors and flag deviations that may indicate security concerns
- Turn complex data into actionable insights that enhance cybersecurity effectiveness
Note: Use of AI-assisted tools (e.g., ChatGPT) is prohibited

Compliance & GRC Activities
- Conduct (perform, not just monitor) federal cybersecurity compliance assessments measuring adherence to NIST 800-53 Rev. 4 or newer
- Perform FISMA compliance assessments and support Risk Management Framework (RMF) activities
- Execute compliance-related tasks such as vulnerability scanning analysis, patch management statistics, or security control validation
- Develop mappings between existing controls and assessment metrics
- Document compliance findings and provide actionable recommendations to stakeholders
- Support authorization processes and continuous monitoring activities

Additional Technical Activities
- Identify and map data flows within enterprise networks to support assessment and analysis activities
- Conduct event log analysis to determine telemetry, sequences of events, impacts, threats, and mitigation or recovery steps
- Use the MITRE ATT&CK Framework to support threat hunting and detection-building in Splunk (preferred)
- Provide data-driven insights and recommendations to improve cybersecurity posture

Required Qualifications

Splunk Expertise (Critical Requirement)
- Demonstrated ability to author Splunk SPL queries from scratch—not just consume dashboards or follow pre-formatted playbooks
- Must be able to conceive of the syntax needed to ask Splunk to identify specific things (e.g., writing original queries to detect unusual login times, isolate anomalies, or identify irregular patterns)
- Experience using Splunk as a primary tool for data interrogation and analysis

Statistical Analysis Capability
- At least 1 year of experience performing statistical analysis on large or massive datasets
- Demonstrated ability to conduct statistical analysis including identifying standard deviations, calculating percentages, and interpreting trends without AI-assisted tools
- Experience analyzing patterns to determine what constitutes unusual behavior (e.g., determining baseline activity and identifying outliers)

Compliance & GRC Experience
- Minimum 2 years of experience conducting (performing, not monitoring) federal cybersecurity compliance assessments measuring compliance with NIST 800-53 Rev. 4 or newer
- Minimum 2 years of experience performing FISMA compliance assessments
- Hands-on experience executing compliance-related tasks (such as vulnerability scanning analysis, patch management statistics, security control testing)
- Minimum 2 years in a customer-facing role, with experience assessing compliance, documenting findings, and providing actionable recommendations

Additional Requirements
- Experience identifying and mapping enterprise data flows
- Experience with event log analysis and SIEM tools (Splunk primary)
- Active Public Trust Clearance or the ability to obtain a Government Security Clearance

Nice-to-Have Qualifications

Preferred Experience
- Experience as a Tier II SOC Analyst or Hunt Team member—professionals who routinely take large datasets like log files and seek unusual patterns
- Experience using tools like Tenable Nessus for compliance scanning, with statistical analysis of patching and scanning results (e.g., percentage patched, percentage not "seen" by scanner, percentage that won't accept patches)
- Experience with the MITRE ATT&CK Framework
- Working knowledge of large-scale or distributed data and analytics solutions such as Apache Spark, Hadoop, Azure Data Lake, or similar tools

Background
- At least 3 years of experience in network operations or cybersecurity, with at least 1 year focused on data analysis
- Experience supporting Risk Management Framework (RMF) processes and authorization activities
- Familiarity with additional compliance frameworks (e.g., FedRAMP, CMMC, NIST CSF)
- Strong communication and customer relationship skills

Note on Qualifications: Certifications and formal education are not required for this position.
We prioritize demonstrated hands-on experience with Splunk SPL query development, statistical analysis capability, and practical compliance execution experience.





