Cyber Threat Hunter

Washington, DC
ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients across a variety of missions. We value our clients, our integrity and our employees, and we believe a single person can make a difference!

We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more! 

We are looking for a Threat Hunter to do the following tasks:
  • Collaborate with the different teams to better understand the customer environment
  • Create, maintain, and periodically evaluate standard operating procedures, playbooks, and hunt techniques
  • Utilize Threat Intelligence and Threat Models to formulate cyber threat hunt hypotheses and plans
  • Perform research and analysis of incidents, threats, vulnerabilities, TTPs and other malicious/non-malicious indicators, as well as of technical and intelligence reports on cyber threat activities of interest
  • Perform proactive and iterative searches on customer systems and network to detect advanced threats
  • Identify any anomalous/malicious behavior using cyber threat hunt plans and techniques and identify any defensive gaps in the customer environment
  • Create comprehensive cyber threat hunt reports that include sourced threat intelligence, hunt findings, limitations, risk analysis and recommendations with prioritized mitigations
  • Review operational detection mechanisms to assess security posture, recommend/develop new or custom security content to include signatures, alerts, workflows and automation to counter prospective threats and enable future hunts
  • Coordinate response, triage and escalation of any malicious events found with IR team

Minimum Proficiencies:
  • 3+ years of experience with data hunting/manipulation/presentation.
  • Expertise in network and host-based analysis and investigations
  • Experience in planning threat hunts
  • Understanding of complex Enterprise networks (routing, switching, firewalls, proxies, etc.)
  • Knowledge of common networking protocols (http, dns, smb, etc.)
  • Familiarity with Windows, Linux and macOS operating systems
  • Proficient with scripting languages such as Python or PowerShell
  • Familiarity with Splunk, Crowdstrike, Tanium
  • Skilled in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, Uuencode, Uniform Resource Locator [URL] encode).
  • Any one of CISSP (associate), CCSP or SSCP, AND any certification from the CSSP Analyst, Infrastructure Support or Incident Responder categories of the DoD 8570 list (or other similar certifications as approved by the Government)
  • Active Secret Clearance and Eligibility for TS/SCI
  • Bachelor’s Degree