Senior Threat Hunter

cFocus Software IncorporatedWashington, DC, US
30+ days ago
Job type
  • Full-time
Job description

cFocus Software seeks a Threat Hunter to support the Administrative Offices of the United States Courts (AOUSC) in Washington, DC. This position will require 4 days a week onsite at the Thurgood Marshall Building and 1 day remote, with hours of 8am-4:30pm.

Required Qualifications include:

  • Ability to obtain a Public Trust
  • 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
  • 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security
  • 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd)
  • 5 years of experience with the following threat hunting tools: Microsoft Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN / ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us enrichment of addresses; Mandiant threat intel feeds
  • Must be able to work 80% (Monday thru Thursday) onsite at the AOUSC office in Washington, DC
  • One of the following certifications: GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Continuous Monitoring (GMON), GIAC Defending Advanced Threats (GDAT), or Splunk Core Power User

Duties and Responsibilities:

  • Provide incident response services after an incident is declared, and provide a service that proactively searches for security incidents that would not normally be detected through automated alerting.
  • The Threat Hunt mission is to explore datasets across the judicial fabric to identify unique anomalies that may be indicative of threat actor activity, based on the assumption that the adversary is already present in the judicial fabric.
  • The extended mission is to conduct counterintelligence, build threat actor dossiers, disrupt adversary operations, identify misconfigurations / vulnerabilities, and identify visibility / detection gaps, if any.
  • Human analytical thinking is imperative to the primary and extended missions, as it is up to the threat hunter to find signs of an intrusion that have bypassed the automatic detection process that may already be in place.
  • Accept and respond to government technical requests for threat hunt support through the AOUSC ITSM ticket system (e.g., HEAT or ServiceNow).
  • Threat hunt targets include cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler).
  • Review and analyze risk-based Security Information and Event Management (SIEM) alerts when developing hunt hypotheses.
  • Review open-source intelligence about threat actors when developing hunt hypotheses.
  • Plan, conduct, and document iterative, hypothesis-based tactics, techniques, and procedures (TTP) hunts utilizing the agile scrum project management methodology.
  • At the conclusion of each hunt, propose, discuss, and document custom searches for automated detection of threat actor activity based on the hunt hypothesis.
  • Configure, deploy, and troubleshoot Endpoint Detection and Response agents (e.g., CrowdStrike and Sysmon).
  • Collect and analyze data from compromised systems using EDR agents and custom scripts provided by the AOUSC.
  • Track and document cyber defense incidents from initial detection through final resolution.
  • Interface with IT contacts at the court or vendor to install or diagnose problems with EDR agents.
  • Participate in government-led after action reviews of incidents.
  • Triage malware events to identify the root cause of specific activity.
  • Attend daily Agile Scrum standups and report progress on assigned Jira stories.