Assessment Data Analyst

Hunter Strategy is seeking an Assessment Data Analyst to support cybersecurity assessment initiatives. The analyst will play a key role in aggregating individual cybersecurity assessments to measure the overall posture of business units and the organization. This position requires a strong foundation in statistical analysis, cybersecurity assessment frameworks, and data interpretation to identify trends, measure compliance, and recommend improvements to enhance cybersecurity effectiveness.

• Support the aggregation and analysis of cybersecurity assessment data to evaluate organizational cybersecurity posture.
• Monitor cybersecurity assessment data flows and recommend quality improvement initiatives.
• Develop mappings between existing controls and assessment metrics.
• Perform statistical analyses on large cybersecurity datasets, including calculating standard deviations, trends, and deviations.
• Utilize various tools such as spreadsheets, databases, business intelligence platforms, visualization tools, or programming languages for data analysis (LLM or AI-assisted tools such as ChatGPT are not permitted).
• Identify and map data flows within enterprise networks to support assessment and analysis activities.
• Conduct event log analyses to determine telemetry, chain of events, impact, threats, and recovery or mitigation steps leveraging Splunk as a key SIEM tool.
• Use the MITRE ATT&CK Framework to support threat hunting and detection-building in Splunk (a plus).
• Provide actionable insights and recommendations to improve cybersecurity posture based on data-driven findings.

• At least 1 year of experience performing statistical analysis on large cybersecurity datasets.
• Demonstrated experience using analytic methods and tools to interpret complex data (without AI-assisted solutions).
• Minimum of 2 years of experience conducting federal cybersecurity assessments measuring compliance with NIST 800-53 rev 4 or newer.
• Minimum of 2 years of experience with FISMA compliance assessments.
• Minimum of 2 years of experience in a customer-facing role with demonstrated ability to assess compliance, document findings, and provide actionable recommendations.
• Experience identifying and mapping enterprise data flows.
• Experience with event log analysis and SIEM tools such as Splunk.
• Experience with the MITRE ATT&CK Framework (preferred).
• Experience as a SOC Analyst using Splunk (preferred).
• Active Public Trust Clearance and/or clearable for a Government Security Clearance.