Senior Threat Hunter
cFocus Software Incorporated
cFocus Software seeks a Threat Hunter to support the Administrative Offices of the United States Courts (AOUSC) in Washington, DC. This position will require 4 days a week onsite at the Thurgood Marshall Building and 1 day remote with hours of 8am- 4:30pm.
Required Qualifications include:
Duties and Responsibilities:
Required Qualifications include:
- Ability to obtain a Public Trust
- 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
- 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security.
- 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike ) and custom scripts (e.g. Sysmon & Auditd )
- 5 years of experience with the following threat hunting tools:
- Microsoft Sentinel for threat hunting within Microsoft Azure;
- Tenable Nessus and SYN/ACK for vulnerability management;
- NetScout for analyzing network traffic flow;
- SPUR.us enrichment of addresses
- Mandiant Threat intel feeds
- Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washington, DC
- One of the following certifications:
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Continuous Monitoring (GMON)
- GIAC Defending Advanced Threats (GDAT)
- Splunk Core Power User
Duties and Responsibilities:
- Provide incident response services after an incident is declared and provides a service that proactively searches for security incidents that would not normally be detected through automated alerting.
- The Threat Hunt mission is to explore datasets across the judicial fabric to identify unique anomalies that may be indicative of threat actor activity based on the assumption that the adversary is already present in the judicial fabric. The extended mission is to conduct counterintelligence, build threat actor dossiers, disrupt adversary operations, identify misconfigurations/ vulnerabilities, and identify visibility/detection gaps, if any. Human analytical thinking is imperative to the primary and extended missions as it is up to the threat hunter to find signs of an intrusion that have bypassed the automatic detection process that may already be in place.
- Accept and respond to government technical requests through the AOUSC ITSM ticket (e.g., HEAT or Service Now), for threat hunt support. Threat hunt targets include cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler).
- Review and analyze risk-based Security information and event management (SIEM) alerts when developing hunt hypotheses.
- Review open-source intelligence about threat actors when developing hunt hypotheses.
- Plan, conduct, and document iterative, hypothesis based, tactics, techniques, and procedures (TTP) hunts utilizing the agile scrum project management methodology.
- At the conclusion of each hunt, propose, discuss, and document custom searches for automated detection of threat actor activity based on the hunt hypothesis.
- Configure, deploy, and troubleshoot Endpoint Detection and Response agents (e.g., CrowdStrike and Sysmon).
- Collect and analyze data from compromised systems using EDR agents and custom scripts provided by the AOUSC.
- Track and document cyber defense incidents from initial detection through final resolution.
- Interface with IT contacts at court or vendor to install or diagnose problems with EDR agents.
- Participate in government led after action reviews of incidents.
- Triage malware events to identify the root cause of specific activity.
- Attend daily Agile Scrum standups and report progress on assigned Jira stories.
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Senior Threat Hunter in Washington DC vacancy
- ...worldwide. Job Description ***** This position is contingent upon contract award ***** Overview SOSi is seeking a Senior Threat Hunter to support proactive cyber defense activities in alignment with our customer. This role is responsible for conducting threat...SeniorFull timeContract workWork at officeWorldwideMonday to FridayWeekend workAfternoon shift
SOS International LLC
Washington DC4 days ago - A technology consulting firm is seeking a Threat Hunter for the Administrative Offices of the United States Courts in Washington, DC. This position requires substantial experience in threat hunting and incident response, specifically in cloud and non-cloud environments....SeniorRemote job
$166k - $220k
...involves monitoring alerts and responding to incidents across various environments, focusing on optimization of detection signatures and threat hunting. Candidates should have experience in security monitoring, log analysis, and Python development, along with strong...Senior- ...activity and lead incident response efforts. Responsibilities include triaging alerts, building detection signatures, and conducting threat hunting. The ideal candidate has experience in security monitoring and Python development, along with strong communication skills....Senior
- Salesforce is looking for a Senior Insider Threat Analyst to join our Insider Threat Program. This role involves conducting detailed investigations into insider threats, documenting findings, and providing insights to enhance security measures. The ideal candidate will...Senior
- ...cybersecurity firm is looking for Cyber Eviction Analysts in Arlington, Virginia. This role involves incident response, analyzing threats, and advising technical personnel on countermeasures. Candidates must have active TS/SCI clearance, a relevant degree, and extensive...Senior
- cFocus Software seeks a Mid Level Cyber Threat Hunter to join our program supporting US Courts in Washington, DC. This position is 4 days a week onsite in DC and one day remote. Required Qualifications include: ~3- 5 years of experience performing threat hunts & incident...Work at officeRemote work
cFocus Software Incorporated
Washington DC5 days ago $94.1k - $150k
...Position Overview The Cyber Threat Hunter proactively protects enterprise environments from advanced cyber threats by analyzing network, endpoint, and log data to identify malicious activity that may evade conventional security controls. This role establishes normal...Contract workWork at officeASM Research, An Accenture Federal Services Company
Washington DC1 day ago- ...Candidates must possess a TS/SCI clearance and have at least 8 years of relevant experience in incident response, knowledge of operational threat environments, and strong communication skills. This position values collaboration and encourages innovation in tackling complex...SeniorRemote work
- ...join the Department of Commerce in Washington D.C. The position requires leading incident response activities and conducting cyber threat analysis. To qualify, applicants must have specialized experience and demonstrate skills in attention to detail, customer service,...Work at office
- A leading technology company is seeking a Cyber Threat Hunter to join their Defensive Cyber Operations team in Washington, DC. The role involves developing hunt campaigns, conducting advanced telemetry analysis, and maintaining high levels of situational awareness regarding...Remote work
- ...Responder to support the Administrative Offices of the United States Courts in Washington, DC. This role involves incident response and threat hunting, requiring a minimum of 5 years of experience across cloud and non-cloud environments, as well as proficiency in tools like...
$107.9k - $195.05k
Overview The Leidos Digital Modernization sector is looking for a Cyber Threat Hunter to support a Defensive Cyber Operations (DCO) team in Washington, DC. This position is expected to become available in Summer 2026. Our team provides mission critical, 24/7 operational...Summer workCasual workLocal areaRemote workShift workNight shiftRotating shift- A leading technology firm is seeking a Cyber Threat Hunter to join their team in Washington, DC. This hybrid position involves developing and executing threat hunting campaigns, analyzing complex datasets, and crafting detailed technical reports. Candidates should have...
- ...cybersecurity firm in Arlington, Virginia, is seeking a Computer Network Defense Analyst to monitor network activity, analyze cyber threats, and recommend proactive measures to contain incidents. The ideal candidate will have over 5 years of experience in cyber defense...
- MANTECH seeks a motivated, career and customer-oriented Cyber Threat Hunter to join our team in Mclean, VA . The Cyber Threat Hunter will leverage their strong technical background and knowledge to proactively detect, investigate, and mitigate cyber threats within our...Work at officeLocal area
$107.93k - $188.9k
Deloitte is seeking a Threat Hunter, Cyber Defense & Resilience to support proactive cyber threat detection, analysis, and response in complex client environments. This role focuses on identifying adversary behavior, investigating suspicious activity, and improving defensive...- ...be required to have US Citizenship and the ability to obtain a Public Trust Clearance, along with significant experience in cyber threat intelligence analysis. The role demands expertise in evaluating threat intelligence, producing comprehensive reports, and leveraging...Senior
NewGen Technologies (Maryland)
Washington DC1 day ago - A minority-owned technology firm in Arlington, VA, is seeking an Incident Response Expert / Cyber Eviction Analyst. This role requires 8+ years of cyber incident response experience and the ability to manage critical incidents effectively. The ideal candidate will have ...
- A leading cybersecurity firm is seeking a Principal Threat Intelligence Researcher to deliver critical intelligence insights for clients. This remote role requires at least 7 years in the cyber threat intelligence field, exceptional analytical and communication skills,...SeniorRemote work
Palo Alto Networks
Arlington, VA3 days ago $128k - $160k
A leading law firm is seeking an Information Security Analyst III in Washington, DC. This role is crucial for monitoring security threats, analyzing incidents, and advising on security controls to protect the organization's IT infrastructure. Candidates should possess a...Senior- A leading cybersecurity solutions provider in Arlington, Virginia is seeking motivated individuals to support cyber threat intelligence efforts. Ideal candidates will have 5+ years of experience, U.S. Citizenship, and an active TS/SCI Clearance. Responsibilities include...Senior
$93.4k - $176.2k
A technology firm serving the federal government seeks a Cyber Threat Intelligence Analyst in Washington, DC. The role requires extensive experience in cybersecurity analysis, including written assessments of vulnerabilities and threat intelligence. Ideal candidates will...Senior- ...seeking a Cyber Eviction Analyst to join their incident response team in Arlington, Virginia. The role involves conducting proactive threat hunting, analyzing security breaches, and communicating complex findings to stakeholders. Candidates must have at least 8 years of...Senior
- ...in Washington, DC. The ideal candidate will have 8+ years of cybersecurity experience with specific expertise in incident response, threat hunting, and SIEM technologies like Splunk and ExtraHop. Responsibilities include leading operations and guiding teams during high-...Senior
- Solutions Technology Inc. (STI) is seeking a Cyber Eviction Analyst in Arlington, Virginia. This role entails proactive threat hunting, incident response, and technical analysis focusing on complex cybersecurity challenges. Candidates must have 8+ years of relevant experience...Senior
- The Hong Kong Study Skills Research Institute is looking for a Senior Cyber Threat Intelligence Analyst to work fully remote, supporting cybersecurity initiatives. This position requires active Public Trust clearance. The ideal candidate will have extensive experience in...SeniorRemote job
- A technology and engineering firm in Maryland is seeking a Senior Counterintelligence Analyst to support national security efforts by identifying and monitoring foreign intelligence threats. The role requires a deep understanding of cyber investigative techniques and at...Senior
- NewGen Technologies is seeking qualified candidates for a Cyber Threat Intelligence role based in Chandler, Arizona. Ideal candidates will possess an active TS/SCI Clearance and have extensive experience in cyber threat intelligence and management within the Intelligence...Senior
- EmergencyMD is seeking a Lead Cyber Threat Analyst to address advanced cyber threats in Washington, D.C. This role includes leading threat analysis, conducting threat hunting, managing SOC operations, and collaborating with cross-functional teams. The ideal candidate should...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Threat Hunter. Be the first to apply!
Related searches
- sales hunter Washington DC
- cyber threat hunter Washington DC
- hunter Washington DC
- senior game producer Washington DC
- senior manager process engineering Washington DC
- senior manager clinical operations Washington DC
- senior community manager Washington DC
- senior lead project manager Washington DC
- senior manager quality engineering Washington DC
- senior device engineer Washington DC