Lead Cyber Threat Hunter

4 days ago


Arlington, United States Tyto Athene, LLC Full time

Tyto Athene is searching for a Lead Cyber Threat Hunter to support our customer in Arlington, Virginia.



Responsibilities:

  • Actively hunt for Indicators of Compromise (IOC) and threat actor Tactics, Techniques, and Procedures (TTP) on the network and on hosts as necessary
  • Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)
  • Create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate teams
  • Collaborate with the SOC and Threat Analysts to contain and investigate major incidents
  • Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
  • Work with leadership and the engineering team to improve and expand available toolsets
  • Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture
  • Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs



Required:

  • Bachelor’s degree in Computer Science, Information Technology, or a related field and 8 years of relevant experience, or a Master’s degree and 4 years
  • Experience with securing and hardening IT infrastructure
  • Demonstrated or advanced experience with computer networking and operating systems
  • Experience with operational security, including security operations center (SOC) work, incident response, malware analysis, or IDS/IPS analysis
  • Demonstrated proficiency with regular expressions and scripting languages, including Python or PowerShell
  • Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
  • Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies
  • Knowledge of the Windows and Linux operating systems and their command lines
  • Ability to analyze malware, extract indicators, and create signatures in Yara and Snort
  • Strong analytical skills and the ability to effectively research, write, communicate, and brief audiences at varying levels, including executive level
  • Knowledge related to the current state of cyber adversary tactics and trends
  • Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
  • Knowledge of the TCP/IP networking stack and network IDS technologies



Desired:

  • Previous experience working as a cyber threat hunter
  • Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis
  • Experience with major cloud service provider offerings
  • Knowledge of offensive security tools and techniques



Clearance: Active Secret clearance required



Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.



Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.


