Cyber Threat Hunter, Lead

The Opportunity:

Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting. We need your help in detecting advanced cyber threats to international government and defense organizations, critical information infrastructure (CII), and Global 2000 companies. Instead of letting the attackers come to us, let’s go find them.

We’re looking for an experienced cybersecurity specialist who can think like a cyber attacker to figure out how to circumvent security measures. You’ll use your network defense experience and analytical skills to rapidly prototype and develop tools to create haystacks and sift through the false positives to find patterns and indicators. Work with our team of seasoned Threat Hunters, Detection Engineers, and Threat Intelligence Analysts to find the adversary and advise clients on ways to close the gaps and harden their network.

With your technical expertise, you’ll build creative solutions to help your customers meet their toughest challenges. This is a chance to think differently about cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. Let’s outsmart the adversary and secure our nation's critical networks.

Join us. The world can’t wait.

You Have:

• 5+ years of experience with cybersecurity offensive or defensive technical operations, or national defense intelligence operations
• Experience with Advanced Persistent Threat (APT) hunting, penetration testing, digital forensics, SOC operations, or incident response
• Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams
• Ability to review and analyze security log files from various sources, including cloud, network, endpoint, or IdAM
• HS diploma or GED

Nice If You Have:

• Experience with common threat-hunting solutions, tools, or techniques used to analyze malware, extract indicators, and create signatures
• Experience with Windows Enterprise security and systems administration, ATP, ATA, or Sentinel, and SIEM or SOC, including QRadar, SplunkES, and ArcSight
• Experience with data hunting, ELK, Splunk, Apache Spark, AWS Stack, and GCP
• Experience with scripting, REST APIs, and forensic tools, including FTK and Encase
• Experience with endpoint telemetry, Carbon Black, FireEye HX, Falcon, Tanium, and Endgame
• Possession of excellent verbal and written communication skills
• Possession of excellent presentation skills
• GIAC GCFA, GCFE, GREM, GNFA, GSNA, CISA, or OSCP certification

EEO Commitment

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.