
Senior Threat Hunter

cFocus Software Incorporated

cFocus Software seeks a Threat Hunter to support the Administrative Offices of the United States Courts (AOUSC) in Washington, DC. This position requires 4 days a week onsite at the Thurgood Marshall Building and 1 day remote, with hours of 8am-4:30pm.


Required Qualifications include:
  • Ability to obtain a Public Trust
  • 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
  • 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security.
  • 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd)
  • 5 years of experience with the following threat hunting tools:
    • Microsoft Sentinel for threat hunting within Microsoft Azure;
    • Tenable Nessus and SYN/ACK for vulnerability management;
    • NetScout for analyzing network traffic flow;
    • SPUR.us enrichment of addresses
    • Mandiant Threat intel feeds
  • Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washington, DC
  • One of the following certifications:
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Continuous Monitoring (GMON)
    • GIAC Defending Advanced Threats (GDAT)
    • Splunk Core Power User

Duties and Responsibilities:
  • Provide incident response services after an incident is declared, and proactively search for security incidents that would not normally be detected through automated alerting.
  • The Threat Hunt mission is to explore datasets across the judicial fabric to identify unique anomalies that may be indicative of threat actor activity, based on the assumption that the adversary is already present in the judicial fabric. The extended mission is to conduct counterintelligence, build threat actor dossiers, disrupt adversary operations, identify misconfigurations/vulnerabilities, and identify visibility/detection gaps, if any. Human analytical thinking is imperative to the primary and extended missions, as it is up to the threat hunter to find signs of an intrusion that have bypassed the automatic detection process that may already be in place.
  • Accept and respond to government technical requests for threat hunt support through the AOUSC ITSM ticket system (e.g., HEAT or ServiceNow). Threat hunt targets include cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler).
  • Review and analyze risk-based Security information and event management (SIEM) alerts when developing hunt hypotheses.
  • Review open-source intelligence about threat actors when developing hunt hypotheses.
  • Plan, conduct, and document iterative, hypothesis-based tactics, techniques, and procedures (TTP) hunts utilizing the agile scrum project management methodology.
  • At the conclusion of each hunt, propose, discuss, and document custom searches for automated detection of threat actor activity based on the hunt hypothesis.
  • Configure, deploy, and troubleshoot Endpoint Detection and Response agents (e.g., CrowdStrike and Sysmon).
  • Collect and analyze data from compromised systems using EDR agents and custom scripts provided by the AOUSC.
  • Track and document cyber defense incidents from initial detection through final resolution.
  • Interface with IT contacts at court or vendor to install or diagnose problems with EDR agents.
  • Participate in government-led after action reviews of incidents.
  • Triage malware events to identify the root cause of specific activity.
  • Attend daily Agile Scrum standups and report progress on assigned Jira stories.
Vacancy posted 7 days ago