Threat Hunt Lead

 

 

Requisition #: 1434

Job Title: Threat Hunt Lead

Location: Reston, VA

Clearance Level: TS (SCI Eligible)

Required Certification(s):

GIAC, GCIH or CEH

 

SUMMARY

 

Agile Defense is seeking an accomplished Threat Hunt Lead to support USG enterprise cybersecurity programs delivering 24/7/365 Cybersecurity Operations Center (SOC) services. To ensure the integrity, security and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. These positions will focus on threat analysis, detection content development, malware analysis, support incident response and actioning Cyber Threat Intelligence (skills in more than one cyber discipline are preferred).

 

JOB DUTIES AND RESPONSIBILITIES

 

Leads threat hunting across large enterprise environments, leveraging cyber threat intelligence (CTI) to design TTP or hypothesis hunts and collaborating with detection engineering, incident response, and asset owners to validate and remediate findings. Plan, schedule and execute hunts based on adversary tactics, techniques, and procedures (TTPs); pivot across host, cloud and network telemetry to uncover unknown threats. Develop and interpret detections and analytics, coordinate remediation efforts with asset owners and incident response teams. Communicate significant findings to USG leadership; maintain a prioritized hunt backlog and track success metrics.

 

QUALIFICATIONS

Required Certifications

 

GCIA, GCIH or GFCA OR CEH

Education, Background, and Years of Experience

Bachelor’s degree in computer science, Engineering, STEM, Information Technology, or Cybersecurity

 

ADDITIONAL SKILLS & QUALIFICATIONS

Required Skills

 

A minimum of five (5) years of experience as a Tier 3 senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal. A minimum of five (5) years of hands-on experience with experience in the last two (2) years that includes host and network-based security monitoring using cybersecurity capabilities.

 

Applicant will possess a strong cyber security background with experience in host and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, malware identification, and security content development (e.g., signatures, rules, queries etc.).

 

Shall have experience interpreting a variety of scripts or programming languages to support cyber threat hunts or malware analysis in a variety of formats, such as VB scripts, Python, PowerShell, JavaScript, and HTML, XML or other types needed for analysis.

 

Candidates will have experience in conducting cyber threat hunt analysis, utilizing cyber threat intelligence to identify and prioritize tactics, techniques, and procedures to hunt against.

 

Have a deep knowledge of capabilities and experience with security information and event management (SIEM) and networked-device management tools such as Splunk and EDR solutions.

 

Candidates will have experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization’s IT operating environment.

 

Will work with the Cyber Threat Intelligence team to report significant findings of importance to leadership as well as coordinate with Pentest team and asset owners to deconflict findings.

 

Candidate will lead the Cyber Threat Hunt team to propose corrective actions and inform the necessary parties of security issues, reportable offenses, or cybersecurity best practices.

Candidate will have strong written and oral communication skills

 

Preferred Skills

 

GFCA, GREM, GFNA,OSCP, GPEN

 

WORKING CONDITIONS

Environmental Conditions

 

Hybrid in Reston, VA

Strength Demands

Physical Requirements