Cyber Threat Hunter

Leidos
$104,650 - $189,175

About The Position

Leidos is seeking a highly motivated and experienced Cyber Threat Hunter to join our DHS NOSC Cyber Team. This role supports the Department of Homeland Security’s mission to protect its enterprise-wide information systems from cyber threats through proactive monitoring, intrusion detection, and security services. The ideal candidate is process-driven, inquisitive, and skilled at identifying patterns and anomalies in complex datasets. The Network Operations Security Center (NOSC) is a U.S. Government program responsible for preventing, identifying, containing, and eradicating cyber threats across DHS networks. NOSC provides monitoring, intrusion detection, and protective services for DHS information systems, including LAN/WAN infrastructure, public-facing websites, wireless and mobile/cellular networks, cloud environments, and security devices, servers, and workstations. NOSC oversees the overall security of DHS enterprise systems and investigates and reports suspected or confirmed security violations.

Requirements

  • Active TS/SCI clearance; must also obtain a favorable Entry on Duty (EOD) determination from DHS HQ
  • Bachelor’s degree in IT, Cybersecurity, Computer Science, Information Systems, Data Science, or Software Engineering from an ABET or NCAE-C designated institution
  • Minimum 8-12 years of relevant experience (SOC Analyst, Incident Responder)
  • A bachelor’s degree may substitute for up to 1 year of experience
  • A master’s degree may substitute for up to 2 years of experience
  • At least two certifications from the following: Security+, PenTest+, Cloud+, GSEC, CEH, CCE, CFR, CySA+, GCFA, GCIA, GCIH, GDSA, GICSP
  • Strong ability to work independently; self-starter and self-motivated
  • Must be a U.S. Citizen

Nice To Haves

  • Expertise in network and host-based analysis and investigation
  • Experience planning and executing threat hunt missions
  • Understanding of enterprise network architecture (routing, switching, firewalls, proxies, load balancers)
  • Completion of military cyber training courses: 4-11-C32-255S (CP), 4C-255N (CP), or 4C-255A (CP)
  • Working knowledge of networking protocols (HTTP, DNS, SMB, etc.)
  • Familiarity with Windows and Linux operating systems
  • Proficiency in scripting languages (Python, PowerShell)
  • Experience with Splunk SPL and/or Elastic DSL
  • Proven ability to triage and respond to APT activities
  • Experience with cloud and container platforms (AWS, Azure, O365, etc.)
  • Deep understanding of the cyber threat landscape and adversary tactics
  • Prior experience on a federal government threat hunt team, especially DHS or DoD

Responsibilities

  • Develop threat models to assess the DHS IT enterprise, identify defensive gaps, and prioritize mitigations
  • Author, update, and maintain SOPs, playbooks, and work instructions
  • Use threat intelligence and models to formulate threat hypotheses
  • Plan and execute threat hunt missions to validate hypotheses
  • Proactively search systems and networks for advanced threats
  • Analyze host, network, and application logs, malware, and code
  • Prepare and present risk analyses and threat findings to stakeholders
  • Recommend and assist in developing new security content (e.g., signatures, alerts, workflows, automation)
  • Collaborate across teams to enhance threat detection, response, and overall security posture

Benefits

  • Competitive compensation
  • Health and Wellness programs
  • Income Protection
  • Paid Leave
  • Retirement
© 2024 Teal Labs, Inc