Cyber Threat Hunter

MANTECH seeks a motivated, career and customer-oriented Cyber Threat Hunter to join our team in Mclean, VA .

The Cyber Threat Hunter will leverage their strong technical background and knowledge to proactively detect, investigate, and mitigate cyber threats within our large enterprise environment.

Responsibilities include but are not limited to:

• Conducting proactive threat hunting using the HMM-4 approach and MITRE ATT&CK framework.
• Developing and refining hypotheses for targeted threat hunts based on threat intelligence, internal data, and analysis of attacker tactics, techniques, and procedures (TTPs).
• Collaborating with internal teams to collect and analyze security event data from various sources, such as logs, alerts, network traffic, and endpoint telemetry.
• Utilizing cutting-edge tools and technologies to identify indicators of compromise (IOCs) and anomalies that may indicate potential threats.
• Performing in-depth analysis of identified threats, assessing their impact, and recommending appropriate mitigation and response strategies.
• Documenting investigative objectives and producing detailed reports on findings, including root cause analysis, recommendations for remediation, and enhanced detections where defensive gaps are identified.
• Staying up to date with the latest cyber threats, attack techniques, and security technologies through continuous learning and knowledge sharing.

Minimum Qualifications:

• 2+ years of professional experience as a cyber security analyst, incident responder, and/or other closely related cyber security discipline.
• Experience with SIEM platforms, EDR solutions, network traffic analysis, and an understanding of cloud environments (AWS, Azure, etc.).
• Experience with problem-solving skills with the ability to translate complex technical findings in a clear, complete, and accurate manner for technical and non-technical audiences.
• Relevant industry certifications and a solid foundation in network protocols and Microsoft Windows endpoint security.

Preferred Qualifications:

• Bachelor’s degree in cyber security/information security, computer science, engineering, or other closely related IT discipline).
• 4+ years of professional experience in a cyber-security related capacity.
• Demonstrated understanding of or proficiency in using cyber threat hunting models, the MITRE ATT&CK framework, and mapping adversary TTPs to observed activities.
• More advanced industry-relevant professional certifications (e.g., CISSP, GCIH, CThH, CySA+).

Clearance Requirements:

• An active TS/SCI with Polygraph is required for this position.

Physical Requirements:

• Must be able to remain in a stationary position 50%.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
• Must be able to exchange accurate information in these situations.