Cyber Threat Hunter - Remote

MindPoint Group, LLC has an exciting opportunity to join the Cyber Threat Hunt team of one of our largest clients. This position is critical to the continued maturation of the client's operational capabilities, and you will join an established and experienced group that is motivated to provide excellent services in defending federal infrastructure. You will work closely with other threat hunters, threat analysts, and an established Security Operations Center (SOC) and we will rely on you to hunt down the most advanced global threats. Your role will involve actively hunting for Indicators of Compromise (IOC) and Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTP) in the network and in the host as necessary. On a daily basis, you will search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT). You will create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate team. Collaboration with the SOC and Threat Analysts will be essential to contain and investigate major incidents. You will also be responsible for providing simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts. Working with leadership and the engineering team, you will improve and expand available toolsets. Additionally, you will analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture. Monitoring open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs will also be part of your responsibilities.