Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

AOUSC - Threat Hunt Lead

cFocus Software Incorporated

Job Description

Job Description

cFocus Software seeks a Threat Hunt Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). This position is Hybrid with the onsite location being in Washington, DC. This position requires a Public Trust clearance.
Qualifications:

  • Active Public Trust clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years within IR in a large SOC (over 5,000 endpoints) with at least 3 years focused on proactive threat hunting or adversary emulation. 
  • 3+ years of experience with demonstrated proficiency in forming hypothesis, querying large datasets and identifying APT behavior. 
  • 2+ years’ experience with demonstrated proficiency in scripting languages including Python and PowerShell to develop new tools.
  • This role most closely aligns with the NICE work role PD-WRL-006 (Threat Analysis).
  • Active OSCP or GXPN certification
Duties:
  • Lead proactive threat hunting operations to identify Advanced Persistent Threats (APT), insider threats, malicious activity, and anomalous behaviors that evade traditional security controls.
  • Develop and execute hypothesis-driven threat hunts leveraging threat intelligence, adversary tactics, techniques, and procedures (TTPs), behavioral analytics, and anomalous telemetry.
  • Coordinate threat hunt activities within Agile two-week sprint cycles and ensure successful execution of all assigned hunt objectives and deliverables.
  • Develop Threat Hunt Execution Plans that define hunt hypotheses, objectives, technical methodologies, required telemetry, and investigative procedures.
  • Analyze endpoint, network, cloud, identity, SIEM, EDR, and log telemetry to identify indicators of compromise (IOCs), suspicious activity, and attack patterns.
  • Coordinate and escalate confirmed or suspected findings to the Cybersecurity Triage and Incident Response teams in accordance with the Judiciary SOC Incident Response Plan (JSOCIRP).
  • Collaborate with Detection Engineering teams to identify and remediate logging, telemetry, detection, or visibility gaps discovered during threat hunting operations.
  • Work closely with Cyber Threat Intelligence teams to operationalize intelligence, enrich investigations, and identify emerging threats impacting the Judiciary.
  • Conduct advanced analysis of threat actor behaviors, malware campaigns, phishing activity, suspicious infrastructure, and attack trends.
  • Develop detailed Threat Hunt Reports documenting hunt objectives, findings, TTPs, queries used, telemetry gaps, identified risks, and recommendations for improved detections.
  • Produce executive-level Hunt Sprint Reports summarizing hunt activities, operational impacts, recommendations, and emerging cybersecurity risks.
  • Provide real-time investigative support during cybersecurity incidents and high-priority threat investigations.
  • Perform analysis utilizing Splunk Enterprise Security, Microsoft Sentinel, Splunk SOAR, CrowdStrike, Qualys, ServiceNow, Jira, and other AO-approved security platforms.
  • Support the development and refinement of threat models tailored to Judiciary systems, high-value assets, and mission-critical environments.
  • Develop and maintain threat hunting SOPs, playbooks, technical procedures, and investigative methodologies aligned with AO and federal cybersecurity standards.
  • Support enterprise security awareness initiatives through threat briefings, technical reporting, and operational presentations.
  • Participate in weekly technical meetings, operational reviews, and status briefings with AO leadership and federal stakeholders.
  • Provide mentorship, technical guidance, and quality oversight to threat hunters and supporting analysts.
  • Support transition-in and transition-out activities, operational readiness, documentation development, and knowledge transfer activities.
  • Drive continuous improvement initiatives focused on detection coverage, telemetry enrichment, operational efficiency, and threat hunting maturity.

Powered by JazzHR

lD4K8q96QQ

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the AOUSC - Threat Hunt Lead in Washington DC vacancy
  •  ...Job Description Job Description Position Title Cyber Threat Intelligence & Threat Hunting Lead Position Overview The Cyber Threat Intelligence & Threat Hunting Lead will oversee integrated cyber threat intelligence (CTI), detection engineering, and proactive... 
    Suggested

    cFocus Software Incorporated

    Washington DC
    1 day ago
  •  ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers...  ...experience with specific expertise in incident response, threat hunting, and SIEM technologies like Splunk and ExtraHop. Responsibilities... 
    Suggested

    Accenture

    Washington DC
    2 days ago
  •  ...Job Description Job Description Position Title Threat Emulation & Readiness Lead / Red Team Lead Position Overview The Threat Emulation...  ...actor behaviors. Coordinate closely with SOC, CTI, Threat Hunt, and Detection Engineering teams. Assess detection and... 
    Suggested

    cFocus Software Incorporated

    Washington DC
    1 day ago
  •  ...seeks a Forensic and Malware Lead to join our program supporting...  ...of the United States Courts (AOUSC). This position is Hybrid with...  ...analysis of advanced persistent threats (APT), ransomware, phishing campaigns...  ...investigations and threat hunting operations. Coordinate... 
    Suggested
    Work at office

    cFocus Software Incorporated

    Washington DC
    1 day ago
  •  ...an experienced Senior Cyber Security Incident Response & Threat Intelligence Analyst to lead complex incident response efforts within our CSOC. You...  ...mitigate threats across the enterprise, developing SIEM rules, hunting adversaries, and coordinating with threat intel and... 
    Suggested

    Brooksource

    Washington DC
    2 days ago
  •  ...Position Title Insider Threat Program Lead Position Overview The Insider Threat Lead will design, mature, and oversee insider threat detection, analysis, and investigative support capabilities for a federal enterprise environment. The Lead will integrate user... 
    Full time

    cFocus Software Incorporated

    Washington DC
    1 day ago
  • cFocus Software seeks a Blue Team Lead to join our program supporting...  ...of the United States Courts (AOUSC). This position is Hybrid with...  ...aligned to current cyber threats, adversary tactics, techniques...  ...Detection Engineering, Threat Hunting, Incident Response, and Cyber... 
    Full time
    Work at office

    cFocus Software Incorporated

    Washington DC
    1 day ago
  •  ...in Bethesda, MD, to advance our Insider Threat Program. The role blends technical investigation...  ...evolution. You will design proactive hunts, investigate complex incidents, and...  ...and improvements. Responsibilities include leading investigations from signal to evidence, enhancing... 

    Dormont Manufacturing Co

    Bethesda, MD
    3 days ago
  •  ...seeks an Incident Response Expert III to join a federal cybersecurity program supporting DHS’s Hunt and Incident Response Team (HIRT). The role demands deep knowledge of threat actor tools, techniques, and procedures used in complex investigations. You will analyze... 

    Insight Global

    Arlington, VA
    5 days ago
  • Evolver Federal is seeking a Lead Cyber Threat Analyst to fulfil a requirement for a potential government client. The Lead Cyber Threat Analyst...  ...infrastructure. This role focuses on proactive threat hunting, intelligence analysis, and developing strategies to detect and... 
    Flexible hours

    EmergencyMD

    Washington DC
    4 days ago
  • $140.5k - $210k

     ...detection systems, ensuring the protection of IT assets. This role involves using advanced analytical skills to respond to cybersecurity threats effectively. Candidates must have a bachelor's degree in computer science or a related field and possess expert knowledge in... 

    Federal Reserve Board

    Washington DC
    2 days ago
  • CoreWeave is seeking a Senior Threat Intelligence Specialist based in Washington, D.C. to lead geopolitical risk and supply chain intelligence efforts pivotal for global operations. You'll analyze geopolitical instability and produce actionable intelligence for key business... 

    CoreWeave

    Washington DC
    4 days ago
  • $137.75k - $215k

    JPMorgan Chase in Washington, DC is looking for an Insider Threat Program Manager to lead and execute the insider threat program at a global scale. This role involves defining strategies, measuring risks, and synthesizing complex data for senior leadership. The ideal candidate... 

    JPMorgan Chase

    Washington DC
    4 days ago
  •  ...Manager (Defense Improvement Analysis) to lead adversary simulations, deconstruct attack flows, and drive improvements in threat detection. You will work across offensive and...  ...security, experience with threat hunting and detection engineering in cloud or hybrid... 

    Information Technology Senior Management Forum

    Mc Lean, VA
    2 days ago
  • $129k - $171k

    Anduril Industries in Washington, D.C. is seeking a CI Analyst Lead to enhance its security program. The ideal candidate will possess a strong background in counterintelligence, analyzing threats from nation-state actors, and will leverage data to identify and mitigate... 

    Anduril Industries

    Washington DC
    1 day ago
  • Overview The Counter-UAS Emerging Threat & Risk Analysis Team Lead will direct a team responsible for identifying, assessing, and mitigating evolving unmanned aircraft system (UAS) threats to critical infrastructure and national security. This role involves strategic risk... 
    Temporary work
    For contractors
    Local area
    Flexible hours

    Amyx, Inc.

    Washington DC
    4 days ago
  •  ...experienced Cyber Security professional to join their Offensive Security Purple Team. The role involves identifying vulnerabilities, threat hunting, and collaborating with various stakeholders to enhance cyber defense. The ideal candidate will have a strong background in... 

    Capital One National Association

    Mc Lean, VA
    4 days ago
  • Anthropic is seeking a threat intel manager to build and run the CBRN-E & Advanced Weapons team within Threat Intelligence. This role detects...  ...-E threats and for development of advanced weapons. You will lead a team of investigators with deep domain expertise, engage with... 
    Weekend work

    Anthropic

    Washington DC
    5 days ago
  • JPMorgan Chase & Co. is seeking an Insider Threat Program Manager to develop a mission-critical capability at a global scale. You will own the strategy and execution to protect the firm’s workforce and assets, working closely with various departments. The role requires... 

    JPMorgan Chase & Co.

    Washington DC
    3 days ago
  • JPMorgan Chase seeks an experienced Insider Threat Program Manager to own strategy, execution, and measurable outcomes protecting people, data, and platforms. You will translate complex signals into decisive actions and partner with Cybersecurity, Risk Management & Compliance... 

    VetJobs

    Washington DC
    2 days ago
  •  ...clients at every stage of their growth. BOOST is helping our client; CONSTANT Associates find a highly qualified Emerging Threats Portfolio Lead. About CONSTANT CONSTANT is a consulting firm focused on high-consequence environments, supporting government partners across... 
    For contractors
    Remote work

    Boost-LLC

    Washington DC
    3 days ago
  • Anduril Industries is seeking a CI Analyst Lead to protect its assets and personnel from threats posed by nation state actors and insiders. This role requires expertise in intelligence analysis and critical thinking to develop actionable insights for continuous improvement... 

    Slope

    Washington DC
    4 days ago
  • Amyx, Inc. is seeking a Team Lead for Counter-UAS Emerging Threat & Risk Analysis in Washington, DC. The role directs a team responsible for identifying, assessing, and mitigating evolving UAS threats to critical infrastructure and national security. The position emphasizes... 

    Amyx, Inc.

    Washington DC
    4 days ago
  • $112.8k - $257k

    Job Summary With increasing global threats and complex security challenges, we need a skilled Intelligence Analyst to assess, gather, and interpret data that informs leadership and enables decision‑making. The position calls for a CWMD (chemical, biological, radiological... 
    Full time
    Part time
    Local area

    Booz Allen Hamilton

    Arlington, VA
    23 hours ago
  • $166k - $220k

     ...will manage program execution, collaborate with engineers and government stakeholders, and ensure the successful delivery of digital threat representations. This role requires an active U.S. Security Clearance, a bachelor's degree in a technical field, and at least 4... 

    Anduril

    Washington DC
    13 days ago
  •  ...employees are our number one resource. If you are a problem-solving people-person, apply today! Location Washington, DC Position Lead Cyber Threat Analyst Location: Washington, DC Position Summary The Lead Cyber Threat Analyst serves as the technical and operational lead... 
    For contractors
    Local area

    DirectViz Solutions

    Washington DC
    3 days ago
  • Salesforce is seeking a Principal Insider Threat Analyst to mature our Insider Threat Program. This hands-on role blends deep investigative...  .... You will own complex investigations, design proactive threat hunts, and build playbooks and partnerships with cross-functional... 

    salesforce.com, inc.

    Mc Lean, VA
    4 days ago
  •  ...Capital in McLean, Virginia is seeking a Principal Insider Threat Analyst to lead the development of their Insider Threat Program. The role requires...  ...conducting complex investigations, architecting threat hunting operations, and maintaining a world-class insider threat... 

    B Capital

    Mc Lean, VA
    2 days ago
  •  ...prioritizing speed, ownership, and execution over bureaucracy. Lead Cyber Threat Intelligence Analyst Location: Onsite – Government-...  ...behavior Coordinate with SOC, incident response, and threat hunting teams to ensure CTI products are operationally relevant and drive... 
    Full time
    Work experience placement
    Flexible hours
    Shift work

    Revolutional, LLC

    Silver Hill, MD
    2 days ago
  •  ...Position Title SOC Operations Lead / Managed Detection & Response (MDR) Lead Position Overview The SOC Operations Lead...  ...and incident impact assessments. Coordinate closely with Threat Hunting, CTI, Detection Engineering, and Incident Response teams. Brief... 
    Full time

    cFocus Software Incorporated

    Washington DC
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to AOUSC - Threat Hunt Lead. Be the first to apply!