Cyber Threat Hunt Lead

SOSi, Ashburn, VA

About The Position

This position is contingent upon contract award. SOSi is seeking highly qualified senior professionals to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. These roles deliver leadership, operational oversight, and technical expertise across cyber defense, incident response, intelligence, engineering, and modernization activities.

Job Description

Leads hypothesis-driven threat hunting across enterprise environments, leveraging cyber threat intelligence (CTI) to define TTP-focused hunts and collaborating with detection engineering, incident response (IR), and asset owners to validate and remediate findings.

Requirements

  • 5+ years as a Tier III threat hunt analyst and 5+ years hands-on, including the last 2 years of network-based monitoring.
  • Host/network forensics, intrusion detection, malware identification, and detection content development (signatures/rules).
  • Deep experience with SIEM (e.g., Splunk) and endpoint/network management tools (e.g., Tanium).
  • Interpret scripts in VB, Python, C++, HTML/XML to support detection and triage.
  • CEH, IAT Level II, IAM Level I, or CSSP Analyst/Incident Responder.
  • TS, SCI-eligible.

Responsibilities

  • Plan and execute TTP-based hunts; pivot across host/network telemetry to discover unknown threats.
  • Develop/interpret detections and analytics; coordinate remediation with asset owners and IR.
  • Report significant findings to leadership; maintain hunt backlog and success metrics.
© 2024 Teal Labs, Inc