Cybersecurity Data Analyst

About Hunter Strategy

Hunter Strategy has a unique philosophy to technical project delivery. We treat all our customers like mission partners because they rely on our team to meet their objectives through complex software engineering, cloud operations, and cyber risk management solutions. Hunter Strategy was founded on the premise that IT is 21st century infrastructure - critically important but only instrumentally valuable. Accordingly, our teams look at problems with a single objective: the identification and enablement of the right capability to address the most vexing problems our Mission Partners face. We continue to support our partners' success by leveraging the right technology, with the right plan, and the right team to address tomorrow's challenges today.

Hunter Strategy is seeking an Assessment Data Analyst to support cybersecurity assessment initiatives. The analyst will play a key role in aggregating and interpreting large cybersecurity datasets to measure the overall posture of business units and the organization. This role requires strong statistical analysis capabilities, familiarity with cybersecurity assessment frameworks, and the ability to turn complex data into actionable insights that enhance cybersecurity effectiveness.

• Support the aggregation and analysis of cybersecurity assessment data to evaluate organizational cybersecurity posture.
• Develop and author Splunk SPL queries to interrogate large datasets and identify trends, anomalies, and deviations.
• Monitor cybersecurity assessment data flows and recommend quality improvement initiatives.
• Develop mappings between existing controls and assessment metrics.
• Perform statistical analyses on large (including massive) datasets—such as computing standard deviations, trends, anomalies, and deviations—using tools such as spreadsheets, databases, business intelligence platforms, visualization tools, or programming languages.
• • Note: Use of AI-assisted tools (e.g., ChatGPT) is prohibited.
• Identify and map data flows within enterprise networks to support assessment and analysis activities.
• Conduct event log analysis to determine telemetry, sequences of events, impacts, threats, and mitigation or recovery steps—leveraging Splunk as a key SIEM tool.
• Use the MITRE ATT&CK Framework to support threat hunting and detection-building in Splunk (preferred).
• Provide data-driven insights and recommendations to improve cybersecurity posture.

• At least 1 year of experience performing statistical analysis on large or massive datasets.
• Demonstrated ability to author Splunk SPL queries from scratch (e.g., writing queries to identify unusual login times, isolate anomalies, or detect irregular patterns).
• Demonstrated ability to conduct statistical analysis, including identifying standard deviations and interpreting trends, without AI-assisted tools.
• Minimum 2 years of experience conducting federal cybersecurity assessments measuring compliance with NIST 800-53 Rev. 4 or newer.
• Minimum 2 years of experience performing FISMA compliance assessments.
• Minimum 2 years in a customer-facing role, with experience assessing compliance, documenting findings, and providing actionable recommendations.
• Experience identifying and mapping enterprise data flows.
• Experience with event log analysis and SIEM tools such as Splunk.
• Experience with the MITRE ATT&CK Framework (preferred).
• Experience as a SOC Analyst using Splunk (preferred).
• Active Public Trust Clearance or the ability to obtain a Government Security Clearance.

• Working knowledge of large-scale or distributed data and analytics solutions such as Apache Spark, Hadoop, Splunk SPL, Azure Data Lake, or similar tools.
• At least 3 years of experience in network operations or cybersecurity, with at least 1 year focused on data analysis.
• Strong communication and customer relationship skills.