AOUSC - Threat Hunt Lead
cFocus Software Incorporated
cFocus Software seeks a Threat Hunt Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). This position is Hybrid with the onsite location being in Washington, DC. This position requires a Public Trust clearance. Qualifications: Active Public Trust clearance B.S. Computer Science, Information Technology, or a related field 5+ years within IR in a large SOC (over 5,000 endpoints) with at least 3 years focused on proactive threat hunting or adversary emulation. 3+ years of experience with demonstrated proficiency in forming hypothesis, querying large datasets and identifying APT behavior. 2+ years’ experience with demonstrated proficiency in scripting languages including Python and PowerShell to develop new tools. This role most closely aligns with the NICE work role PD-WRL-006 (Threat Analysis). Active OSCP or GXPN certification Duties: Lead proactive threat hunting operations to identify Advanced Persistent Threats (APT), insider threats, malicious activity, and anomalous behaviors that evade traditional security controls. Develop and execute hypothesis-driven threat hunts leveraging threat intelligence, adversary tactics, techniques, and procedures (TTPs), behavioral analytics, and anomalous telemetry. Coordinate threat hunt activities within Agile two‑week sprint cycles and ensure successful execution of all assigned hunt objectives and deliverables. Develop Threat Hunt Execution Plans that define hunt hypotheses, objectives, technical methodologies, required telemetry, and investigative procedures. Analyze endpoint, network, cloud, identity, SIEM, EDR, and log telemetry to identify indicators of compromise (IOCs), suspicious activity, and attack patterns. Coordinate and escalate confirmed or suspected findings to the Cybersecurity Triage and Incident Response teams in accordance with the Judiciary SOC Incident Response Plan (JSOCIRP). Collaborate with Detection Engineering teams to identify and remediate logging, telemetry, detection, or visibility gaps discovered during threat hunting operations. Work closely with Cyber Threat Intelligence teams to operationalize intelligence, enrich investigations, and identify emerging threats impacting the Judiciary. Conduct advanced analysis of threat actor behaviors, malware campaigns, phishing activity, suspicious infrastructure, and attack trends. Develop detailed Threat Hunt Reports documenting hunt objectives, findings, TTPs, queries used, telemetry gaps, identified risks, and recommendations for improved detections. Produce executive‑level Hunt Sprint Reports summarizing hunt activities, operational impacts, recommendations, and emerging cyber‑security risks. Provide real‑time investigative support during cybersecurity incidents and high‑priority threat investigations. Perform analysis utilizing Splunk Enterprise Security, Microsoft Sentinel, Splunk SOAR, CrowdStrike, Qualys, ServiceNow, Jira, and other AO‑approved security platforms. Support the development and refinement of threat models tailored to Judiciary systems, high‑value assets, and mission‑critical environments. Develop and maintain threat hunting SOPs, playbooks, technical procedures, and investigative methodologies aligned with AO and federal cybersecurity standards. Support enterprise security awareness initiatives through threat briefings, technical reporting, and operational presentations. Participate in weekly technical meetings, operational reviews, and status briefings with AO leadership and federal stakeholders. Provide mentorship, technical guidance, and quality oversight to threat hunters and supporting analysts. Support transition‑in and transition‑out activities, operational readiness, documentation development, and knowledge transfer activities. Drive continuous improvement initiatives focused on detection coverage, telemetry enrichment, operational efficiency, and threat hunting maturity. #J-18808-Ljbffr cFocus Software Incorporated
- Cyber Threat Intelligence & Threat Hunting Lead Position Overview The Cyber Threat Intelligence & Threat Hunting Lead will oversee integrated cyber threat intelligence (CTI), detection engineering, and proactive threat hunting operations supporting enterprise cyber defense...Suggested
- cFocus Software Incorporated seeks a Threat Hunt Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). The role is hybrid with onsite in Washington, DC and requires a Public Trust clearance. The successful candidate will lead...SuggestedWork at office
- ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers... ...experience with specific expertise in incident response, threat hunting, and SIEM technologies like Splunk and ExtraHop. Responsibilities...Suggested
- Position Title Threat Emulation & Readiness Lead / Red Team Lead Position Overview The Threat Emulation & Readiness Lead will oversee adversary emulation... ...behaviors. Coordinate closely with SOC, CTI, Threat Hunt, and Detection Engineering teams. Assess detection and...Suggested
- ...cybersecurity monitoring and incident response support. You will lead efforts to strengthen security through effective use of SIEM... ...will have 10+ years of IT security experience, expertise in threat hunting, and strong knowledge in cybersecurity frameworks. Join our team...Suggested
- Information International Associates, Inc. is seeking a Cyber Threat Intelligence (CTI) Lead in Alexandria, VA. This role involves providing technical support to a 24x7 cyber program with responsibilities including the development of CTI analysis and incident response....
$145k - $200k
A leading software company in Washington, D.C. seeks a Defensive Security Analyst to safeguard their global operations. The role involves managing SOC systems and developing threat detection strategies. Ideal candidates should have a TS/SCI Clearance and experience in...- ...an experienced Senior Cyber Security Incident Response & Threat Intelligence Analyst to lead complex incident response efforts within our CSOC. You... ...mitigate threats across the enterprise, developing SIEM rules, hunting adversaries, and coordinating with threat intel and...
- cFocus Software seeks a Forensic and Malware Lead to join our program supporting the... ...Administrative Office of the United States Courts (AOUSC). This position is Hybrid with the onsite... ...Support analysis of advanced persistent threats (APT), ransomware, phishing campaigns,...Work at office
- Evolver Federal is seeking a Lead Cyber Threat Analyst to fulfil a requirement for a potential government client. The Lead Cyber Threat Analyst... ...infrastructure. This role focuses on proactive threat hunting, intelligence analysis, and developing strategies to detect and...Flexible hours
- ...Position Title Insider Threat Program Lead Position Overview The Insider Threat Lead will design, mature, and oversee insider threat detection, analysis, and investigative support capabilities for a federal enterprise environment. The Lead will integrate user...Full time
- cFocus Software seeks a Blue Team Lead to join our program supporting... ...of the United States Courts (AOUSC). This position is Hybrid with... ...aligned to current cyber threats, adversary tactics, techniques... ...Detection Engineering, Threat Hunting, Incident Response, and Cyber...Full timeWork at office
- Revolutional is looking for a Senior Threat Hunter to proactively search for threats that automated tools miss. You will utilize analytical skills and advanced data techniques to hunt for APTs across various network environments. The ideal candidate will have a minimum...Remote job
- ...seeks an Incident Response Expert III to join a federal cybersecurity program supporting DHS’s Hunt and Incident Response Team (HIRT). The role demands deep knowledge of threat actor tools, techniques, and procedures used in complex investigations. You will analyze...
$140.5k - $210k
...detection systems, ensuring the protection of IT assets. This role involves using advanced analytical skills to respond to cybersecurity threats effectively. Candidates must have a bachelor's degree in computer science or a related field and possess expert knowledge in...- Position Title SOC Operations Lead / Managed Detection & Response (MDR) Lead Position Overview The SOC Operations Lead will oversee... ...and incident impact assessments Coordinate closely with Threat Hunting, CTI, Detection Engineering, and Incident Response teams. Brief...
- ...US Export-Import Bank of the United States is seeking a qualified individual for a specialized position focused on managing insider threat and security programs. Candidates need experience equivalent to GS-13 level, especially in developing policies and conducting risk...
- ...Manager (Defense Improvement Analysis) to lead adversary simulations, deconstruct attack flows, and drive improvements in threat detection. You will work across offensive and... ...security, experience with threat hunting and detection engineering in cloud or hybrid...
- Overview The Counter-UAS Emerging Threat & Risk Analysis Team Lead will direct a team responsible for identifying, assessing, and mitigating evolving unmanned aircraft system (UAS) threats to critical infrastructure and national security. This role involves strategic risk...Temporary workFor contractorsLocal areaFlexible hours
$129k - $171k
Anduril Industries in Washington, D.C. is seeking a CI Analyst Lead to enhance its security program. The ideal candidate will possess a strong background in counterintelligence, analyzing threats from nation-state actors, and will leverage data to identify and mitigate...- ...experienced Cyber Security professional to join their Offensive Security Purple Team. The role involves identifying vulnerabilities, threat hunting, and collaborating with various stakeholders to enhance cyber defense. The ideal candidate will have a strong background in...
- Anduril Industries is seeking a CI Analyst Lead to protect its assets and personnel from threats posed by nation state actors and insiders. This role requires expertise in intelligence analysis and critical thinking to develop actionable insights for continuous improvement...
$166k - $220k
...will manage program execution, collaborate with engineers and government stakeholders, and ensure the successful delivery of digital threat representations. This role requires an active U.S. Security Clearance, a bachelor's degree in a technical field, and at least 4...- Amyx, Inc. is seeking a Team Lead for Counter-UAS Emerging Threat & Risk Analysis in Washington, DC. The role directs a team responsible for identifying, assessing, and mitigating evolving UAS threats to critical infrastructure and national security. The position emphasizes...
- JPMorgan Chase seeks an experienced Insider Threat Program Manager to own strategy, execution, and measurable outcomes protecting people, data, and platforms. You will translate complex signals into decisive actions and partner with Cybersecurity, Risk Management & Compliance...
- ## Senior Lead Insider Threat Investigator (US)Postulerremote type: À distancelocations: Mount Laurel, New Jersey: Remote Charlotte (NC): Remote Port Charlotte (FL)time type: Temps pleinposted on: Publié aujourd'huitime left to apply: Date de fin : 3 juillet 2026 (Il reste...Temporary workWork at officeLocal areaRemote workWork from homeFlexible hours
- Anthropic is seeking a threat intel manager to build and run the CBRN-E & Advanced Weapons team within Threat Intelligence. This role detects... ...-E threats and for development of advanced weapons. You will lead a team of investigators with deep domain expertise, engage with...Weekend work
- JPMorgan Chase & Co. is seeking an Insider Threat Program Manager to develop a mission-critical capability at a global scale. You will own the strategy and execution to protect the firm’s workforce and assets, working closely with various departments. The role requires...
$140k - $160k
Constant Associates is seeking an Emerging Threats Portfolio Manager based in Washington, DC. This role involves building and leading a portfolio across national security and complex risk environments. The ideal candidate will have over 10 years of experience supporting...Remote work- ...cybersecurity team supporting a large Federal Government client. The role focuses on offensive security, adversarial emulation, and real-world threat actor TTPs within engagement rules. You will conduct penetration testing, develop test plans, mentor junior analysts, and produce...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to AOUSC - Threat Hunt Lead. Be the first to apply!

