Senior Threat Hunter

About The Position

Requirements

• Five (5) or more years of experience in data hunting, manipulation, and presentation
• Management or team lead experience
• Experience with MITRE ATT&CK and MITRE D3FEND
• Experience analyzing TCP/IP, IDS data, PCAP, logs, and sensor data
• Experience supporting malware analysis
• Experience with Endpoint Detection and Response (EDR) tools
• Experience with scripting or query languages including R, Python, PIG, HIVE, or SQL
• Bachelor’s Degree (Bachelor’s Degree may be substituted with additional 4+ years of experience as approved by Government)
• One of: CISSP (Associate) CCSP SSCP GCIH GNFA GCIA
• Plus one DoD 8570 CSSP certification in: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder
• Secret (active), Top Secret, SCI Eligible

Responsibilities

• Conduct proactive threat hunting to identify malicious activity, indicators of compromise, and anomalous behavior across the enterprise
• Analyze data from logs, sensors, endpoint detection and response (EDR) tools, and full packet capture (PCAP) sources to detect threats
• Apply threat hunting methodologies using MITRE ATT&CK and MITRE D3FEND frameworks
• Support detection, analysis, and response to cyber threats in coordination with SOC and incident response teams
• Perform analysis of TCP/IP traffic, intrusion detection system (IDS) data, malware activity, and adversary tactics, techniques, and procedures (TTPs)
• Use scripting and query tools to support threat analysis, data hunting, and development of analytical outputs
• Support development of threat hunting products, reporting, and recommendations to improve cyber defense detection and monitoring