Threat Hunter

Full Time | D.C. Metro
Location: McLean, VA with the opportunity to telecommute

Position Description:

Focuses on implementing and operating next-generation security solutions for Federal government agencies and departments. Technical team members perform hands-on evaluation, implementation, and operation of leading cyber defense tools and technologies. You apply defense-in-depth strategies in large and complex networks to rapidly identify vulnerabilities and threats, prioritize response actions, and develop effective countermeasures. You use your technical expertise to help customers overcome their most difficult challenges by integrating secure practices through cybersecurity.
As a Threat Hunter team member, you collaborate with highly skilled engineers to ensure the current infrastructure is functional and available, look for ways to improve the infrastructure using the latest technology and the best implementation strategies, and update and patch critical systems. You provide customers insight into their network through monitoring and performance management. You use your technical expertise to identify problem areas and opportunities for improvement in mission-critical networks. You bring experience with threat hunting, including both endpoint data analysis (such as CrowdStrike Falcon, Carbon Black, FireEye HX, or Tanium) and network data analysis (Bro logs, NetFlow, PCAP, and Palo Alto firewalls or proxies).

Requirements:

  • Experience with IT infrastructure
  • Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
  • Knowledge of the TCP/IP networking stack and network IDS technologies
  • Ability to work with client deliverables and requirements
  • BA or BS degree
  • GCFA, GCFE, GREM, GNFA, or OSCP Certification


Additional Qualifications:

  • Experience with regular expressions and scripting languages, including Python or PowerShell
  • Experience with Windows Enterprise security or systems administration
  • Experience with SIEM and SOC, including QRadar, Splunk ES, or ArcSight
  • Experience with data hunting, including ELK, Splunk, Apache Spark, or Amazon Web Services (AWS) Stack
  • Experience with scripting, including PowerShell, Python, or REST APIs
  • Experience with forensic tools, including FTK and EnCase
  • Experience with endpoint telemetry, including Carbon Black, HX, Falcon, or Endgame
  • Experience with network hunting, including Bro logs, NetFlow, PCAP, or Palo Alto firewalls and proxies
  • Experience with offensive tools, including Mimikatz, Metasploit, and Empire
  • Knowledge of Windows OS and PowerShell or command line
  • Knowledge of endpoint incident response and forensics
  • Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
  • Ability to analyze malware, extract indicators, and create signatures in YARA, Snort, and IOCs
  • Possession of excellent collaborative skills

Clearance Requirements: Ability to obtain a security clearance

Email resumes to: [email protected]