What are the responsibilities and job description for the NASA Cyber Threat Hunt Analyst, Cyber Threat Hunt Analyst and Incident Responders position at TYTON LLC?
Company Description
TYTON LLC is a consultancy whose expertise delivers tailored solutions to meet client needs with missions of the greatest importance to our nation. We focus on solving complex challenges with precision and dedication, enabling customers to achieve their goals with efficiency and agility. TYTON LLC fosters a collaborative, results-driven environment, helping clients navigate and adapt to an ever-evolving landscape while maintaining security and operational integrity.
Cyber Threat Hunt Analyst Role Description
Location: Onsite at NASA Goddard Space Flight Center (GSFC), Greenbelt, MD, NASA Marshall Space Flight Center (MSFC), Huntsville, AL, and NASA Kennedy Space Center (KSC), Cape Canaveral, FL
This position involves working with a team of CND/CNO specialists to protect critical systems by applying knowledge of attacker methods. Key duties include scripting, analyzing alerts to distinguish genuine threats from false positives, and advising government clients on network security enhancements. The role requires collaboration with cybersecurity experts to identify threats that evade SIEM detection and support the development of advanced security analytics.
Qualifications
- 6 years in cybersecurity offensive/defensive operations
- 4 years in APT hunting, penetration testing, digital forensics, SOC operations, or incident response
- Experience profiling and tracking malicious actors, detecting MITRE ATT&CK TTPs, and analyzing log files
- Bachelor’s degree
- Secret clearance required; ability to obtain and maintain TS/SCI clearance
- Experience with detection/alerting technologies (Splunk, Elastic, SentinelOne, etc.)
- Forensic and data analysis, leading cyber exercises
- Technical reporting and leadership briefings
- IAT Level III certification (CISSP, CISM, or CISA)
Incident Responder Role Description
Location: Onsite at NASA Marshall Space Flight Center (MSFC), Huntsville, AL or NASA Johnson Space Center (JSC), Houston, TX
This position focuses on monitoring and responding to cyber incidents across networks and information systems. The role supports cyber defense operations, manages major incidents, and partners with stakeholders to improve security solutions. It also coordinates incident response actions and maintains chain-of-custody for sensitive investigations.
Qualifications
- 3 years in APT hunting, penetration testing, digital forensics, malware reverse engineering, SOC operations, or incident response
- Experience with SentinelOne, Splunk, or Microsoft Defender
- Bachelor’s degree
- OSCP, CCNA-Security, CySA+, GCIH, GICSP, PenTest+ or similar certification
- Secret clearance required; TS/SCI clearance preferred
- Proficiency in MITRE ATT&CK TTPs, SIEM alerts analysis, and log file review
- Ability to work independently and manage multiple concurrent tasks
Cyber Threat Analyst Role Description
Location: Onsite at NASA Marshall Space Flight Center (MSFC), Huntsville, AL or NASA Johnson Space Center (JSC), Houston, TX
Acts as an integral member of the threat intelligence team, evaluating the implications of emerging threats on client organizations. Responsibilities include supporting incident detection and response efforts, formulating advanced detection strategies, and delivering intelligence insights to enhance cybersecurity operations. The role requires distilling complex technical data into clear, actionable intelligence for both technical teams and executive leadership.
Qualifications
- 6 years of cybersecurity experience
- 4 years in threat research associated with nation-state or criminal activities
- Strong communication skills for technical and executive audiences
- Experience with network protocols, SIEM, endpoint tools, and frameworks (Cyber Kill Chain, Diamond Model, MITRE ATT&CK)
- Bachelor’s degree
- Secret clearance required; ability to obtain and maintain Top Secret/SCI
- Experience with intelligence community or national security
- Familiarity with threat intelligence platforms (MISP, Mandiant, CrowdStrike, Recorded Future, etc.)
- Industry certifications (GCIA, GCIH, GCFA, GNFA, GCTI, GREM)