Senior Threat Hunter
cFocus Software Incorporated
cFocus Software seeks a Threat Hunter to support the Administrative Offices of the United States Courts (AOUSC) in Washington, DC. This position requires 4 days a week onsite at the Thurgood Marshall Building and 1 day remote, with hours of 8am to 4:30pm.
Required Qualifications include:
- Ability to obtain a Public Trust
- 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
- 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security
- 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd)
- 5 years of experience with the following threat hunting tools:
  - Microsoft Sentinel for threat hunting within Microsoft Azure
  - Tenable Nessus and SYN/ACK for vulnerability management
  - NetScout for analyzing network traffic flow
  - SPUR.us for enrichment of addresses
  - Mandiant threat intel feeds
- Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washington, DC
- One of the following certifications:
  - GIAC Certified Intrusion Analyst (GCIA)
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Continuous Monitoring (GMON)
  - GIAC Defending Advanced Threats (GDAT)
  - Splunk Core Power User
Duties and Responsibilities:
- Provide incident response services after an incident is declared, and provide a service that proactively searches for security incidents that would not normally be detected through automated alerting.
- The Threat Hunt mission is to explore datasets across the judicial fabric to identify unique anomalies that may be indicative of threat actor activity based on the assumption that the adversary is already present in the judicial fabric. The extended mission is to conduct counterintelligence, build threat actor dossiers, disrupt adversary operations, identify misconfigurations/ vulnerabilities, and identify visibility/detection gaps, if any. Human analytical thinking is imperative to the primary and extended missions as it is up to the threat hunter to find signs of an intrusion that have bypassed the automatic detection process that may already be in place.
- Accept and respond to government technical requests through the AOUSC ITSM ticket (e.g., HEAT or Service Now), for threat hunt support. Threat hunt targets include cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler).
- Review and analyze risk-based Security Information and Event Management (SIEM) alerts when developing hunt hypotheses.
- Review open-source intelligence about threat actors when developing hunt hypotheses.
- Plan, conduct, and document iterative, hypothesis-based tactics, techniques, and procedures (TTP) hunts utilizing the Agile Scrum project management methodology.
- At the conclusion of each hunt, propose, discuss, and document custom searches for automated detection of threat actor activity based on the hunt hypothesis.
- Configure, deploy, and troubleshoot Endpoint Detection and Response agents (e.g., CrowdStrike and Sysmon).
- Collect and analyze data from compromised systems using EDR agents and custom scripts provided by the AOUSC.
- Track and document cyber defense incidents from initial detection through final resolution.
- Interface with IT contacts at the court or vendor to install or diagnose problems with EDR agents.
- Participate in government led after action reviews of incidents.
- Triage malware events to identify the root cause of specific activity.
- Attend daily Agile Scrum standups and report progress on assigned Jira stories.
Vacancy posted 4 days ago