Cyber Threat Hunter Senior (Washington)

ClearanceJobs, Washington, DC, US
9 hours ago
Job type
  • Part-time
Job description

Cyber Threat Hunter (Senior)

cFocus Software seeks a Cyber Threat Hunter (Senior) to join our program supporting US Courts in Washington, DC. This position has remote capabilities. This position requires an active Public Trust clearance and must meet 8570 requirements. Required qualifications include:

  • 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
  • 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security
  • 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd)
  • 5 years of experience with the following threat hunting tools: Microsoft Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN/ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us enrichment of addresses; Mandiant Threat intel feeds

Must be able to work 80% (Monday through Thursday) on-site at the AOUSC office in Washington, DC. Desired qualifications include:

  • One of the following certifications: GIAC Certified Intrusion Analyst (GCIA); GIAC Certified Incident Handler (GCIH); GIAC Continuous Monitoring (GMON); GIAC Defending Advanced Threats (GDAT); Splunk Core Power User

Duties:

  • Provide incident response services after an incident is declared and provide a service that proactively searches for security incidents that would not normally be detected through automated alerting.
  • The threat hunt mission is to explore datasets across the judicial fabric to identify unique anomalies that may be indicative of threat actor activity based on the assumption that the adversary is already present in the judicial fabric.
  • The extended mission is to conduct counterintelligence, build threat actor dossiers, disrupt adversary operations, identify misconfigurations / vulnerabilities, and identify visibility / detection gaps, if any.
  • Human analytical thinking is imperative to the primary and extended missions as it is up to the threat hunter to find signs of an intrusion that have bypassed the automatic detection process that may already be in place.
  • Accept and respond to government technical requests through the AOUSC ITSM ticket (e.g., HEAT or Service Now), for threat hunt support.
  • Threat hunt targets include cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler).
  • Review and analyze risk-based security information and event management (SIEM) alerts when developing hunt hypotheses.
  • Review open-source intelligence about threat actors when developing hunt hypotheses.
  • Plan, conduct, and document iterative, hypothesis-based tactics, techniques, and procedures (TTP) hunts using the Agile Scrum project management methodology.
  • At the conclusion of each hunt, propose, discuss, and document custom searches for automated detection of threat actor activity based on the hunt hypothesis.
  • Configure, deploy, and troubleshoot Endpoint Detection and Response agents (e.g., CrowdStrike and Sysmon).
  • Collect and analyze data from compromised systems using EDR agents and custom scripts provided by the AOUSC.
  • Track and document cyber defense incidents from initial detection through final resolution.
  • Interface with IT contacts at court or vendor to install or diagnose problems with EDR agents.
  • Participate in government-led after action reviews of incidents.
  • Triage malware events to identify the root cause of specific activity.
  • Attend daily Agile Scrum standups and report progress on assigned Jira stories.
Deliverables:

  • Hunt Hypotheses: Hunt hypotheses describe how an actor might operate in the network while remaining undetected.
  • Hunt Reports: Hunt reports describe the original hypothesis and all iterations.
  • Detection Logic: Document and test detection logic for automated detection of threat actor activity based on the hunt hypothesis.
  • Advanced SME IR Reports: Timely Advanced SME IR Support for Priority 1 Security Events.
  • Incident Report: Document all incident details in an incident report.
  • Provide Weekly Reports to the AOUSC Program Manager that document all activities, tasks, tickets and documents worked on.
  • Document repeatable Standard Operating Procedures (SOPs) and playbooks for security use cases.