Cybersecurity Data Analyst

About Hunter Strategy

Hunter Strategy has a unique philosophy to technical project delivery. We treat all our customers like mission partners because they rely on our team to meet their objectives through complex software engineering, cloud operations, and cyber risk management solutions. Hunter Strategy was founded on the premise that IT is 21st century infrastructure - critically important but only instrumentally valuable. Accordingly, our teams look at problems with a single objective: the identification and enablement of the right capability to address the most vexing problems our Mission Partners face. We continue to support our partners' success by leveraging the right technology, with the right plan, and the right team to address tomorrow's challenges today.

Hunter Strategy is seeking a Cybersecurity Data Analyst/GRC SME to support federal cybersecurity assessment and compliance initiatives. The analyst will play a critical role in querying and analyzing large cybersecurity datasets using Splunk, performing statistical analysis to identify trends and anomalies, and supporting compliance activities. This role requires demonstrated hands-on experience authoring Splunk SPL queries from scratch, strong statistical analysis capabilities, and practical experience performing (not just monitoring) compliance-related tasks.

Key Responsibilities

• Splunk Query Development & Data Analysis (Primary Focus)
• • Author Splunk SPL queries from scratch to interrogate large datasets and identify trends, anomalies, and deviations
  • Develop queries to answer specific questions about network behavior, user activity patterns, and security events (e.g., identifying unusual login times, isolating anomalies, detecting irregular patterns)
  • Support the aggregation and analysis of cybersecurity assessment data to evaluate organizational cybersecurity posture
  • Monitor cybersecurity assessment data flows and recommend quality improvement initiatives
• Statistical Analysis
• • Perform statistical analyses on large (including massive) datasets—such as computing standard deviations, percentages, trends, anomalies, and deviations
  • Analyze activity patterns to determine what falls outside normal parameters (e.g., percentage of users logging in during off-hours, frequency of unusual access times)
  • Identify baseline behaviors and flag deviations that may indicate security concerns
  • Turn complex data into actionable insights that enhance cybersecurity effectiveness
  • Note: Use of AI-assisted tools (e.g., ChatGPT) is prohibited
• Compliance & GRC Activities
• • Conduct (perform, not just monitor) federal cybersecurity compliance assessments measuring adherence to NIST 800-53 Rev. 4 or newer
  • Perform FISMA compliance assessments and support Risk Management Framework (RMF) activities
  • Execute compliance-related tasks such as vulnerability scanning analysis, patch management statistics, or security control validation
  • Develop mappings between existing controls and assessment metrics
  • Document compliance findings and provide actionable recommendations to stakeholders
  • Support authorization processes and continuous monitoring activities
• Additional Technical Activities
• • Identify and map data flows within enterprise networks to support assessment and analysis activities
  • Conduct event log analysis to determine telemetry, sequences of events, impacts, threats, and mitigation or recovery steps
  • Use the MITRE ATT&CK Framework to support threat hunting and detection-building in Splunk (preferred)
  • Provide data-driven insights and recommendations to improve cybersecurity posture

Required Qualifications

• Splunk Expertise (Critical Requirement)
• • Demonstrated ability to author Splunk SPL queries from scratch—not just consume dashboards or follow pre-formatted playbooks
  • Must be able to conceive of the syntax needed to ask Splunk to identify specific things (e.g., writing original queries to detect unusual login times, isolate anomalies, or identify irregular patterns)
  • Experience using Splunk as a primary tool for data interrogation and analysis
• Statistical Analysis Capability
• • At least 1 year of experience performing statistical analysis on large or massive datasets
  • Demonstrated ability to conduct statistical analysis including identifying standard deviations, calculating percentages, and interpreting trends without AI-assisted tools
  • Experience analyzing patterns to determine what constitutes unusual behavior (e.g., determining baseline activity and identifying outliers)
• Compliance & GRC Experience
• • Minimum 2 years of experience conducting (performing, not monitoring) federal cybersecurity compliance assessments measuring compliance with NIST 800-53 Rev. 4 or newer
  • Minimum 2 years of experience performing FISMA compliance assessments
  • Hands-on experience executing compliance-related tasks (such as vulnerability scanning analysis, patch management statistics, security control testing)
  • Minimum 2 years in a customer-facing role, with experience assessing compliance, documenting findings, and providing actionable recommendations
• Additional Requirements
• • Experience identifying and mapping enterprise data flows
  • Experience with event log analysis and SIEM tools (Splunk primary)
  • Active Public Trust Clearance or the ability to obtain a Government Security Clearance

Nice-to-Have Qualifications

• Preferred Experience
• • Experience as a Tier II SOC Analyst or Hunt Team member—professionals who routinely take large datasets like log files and seek unusual patterns
  • Experience using tools like Tenable Nessus for compliance scanning, with statistical analysis of patching and scanning results (e.g., percentage patched, percentage not "seen" by scanner, percentage that won't accept patches)
  • Experience with the MITRE ATT&CK Framework
  • Working knowledge of large-scale or distributed data and analytics solutions such as Apache Spark, Hadoop, Azure Data Lake, or similar tools
• Background
• • At least 3 years of experience in network operations or cybersecurity, with at least 1 year focused on data analysis
  • Experience supporting Risk Management Framework (RMF) processes and authorization activities
  • Familiarity with additional compliance frameworks (e.g., FedRAMP, CMMC, NIST CSF)
  • Strong communication and customer relationship skills

Note on Qualifications: Certifications and formal education are not required for this position. We prioritize demonstrated hands-on experience with Splunk SPL query development, statistical analysis capability, and practical compliance execution experience.