Cyber Threat Hunter

equired Qualifications

• Active TS/SCI security clearance

• DoD 8570 IAT/IAM certification requirements (Security+ may be obtained after hire if needed).

• Bachelor's degree with significant relevant experience required; Master's degree preferred.
• Approximately 15+ years of cybersecurity experience.
• 8+ years of experience in cyber threat hunting, cyber analysis, blue team, or purple team operations.
• Experience supporting or working within a U.S. Government Cyber Security Service Provider (CSSP) environment.
• Strong experience identifying advanced cyber threats, conducting investigations, and developing detection methodologies.
• Ability to brief senior government leadership on cyber threats, trends, and operational impacts.
• Excellent written, verbal, and interpersonal communication skills.

• GCIH, CEH, or similar analyst-focused cybersecurity certification.

Desired Qualifications:

• CISSP certification
• Experience with threat intelligence integration and detection engineering.
• Experience developing custom signatures, analytics, and correlation rules.
• Experience using Elastic or similar enterprise security monitoring platforms.
• Previous experience mentoring junior analysts and threat hunters.
• PhD in Cybersecurity or a related field.

Responsibilities

• Conduct proactive cyber threat hunting activities across Department of Defense networks to identify and mitigate advanced threats before they impact operations.
• Investigate threat actor tactics, techniques, and procedures (TTPs) and develop detection logic, signatures, and countermeasures to identify malicious activity.
• Perform host-based and network-based threat analysis, incident analysis, trend analysis, and detection engineering activities.
• Integrate threat intelligence into detection and monitoring capabilities to improve threat visibility and response.
• Collaborate with cybersecurity, network operations, and incident response teams to strengthen overall defensive capabilities.
• Provide recommendations to improve threat detection, monitoring, and cyber defense processes.
• Participate as a senior technical contributor during cyber incident response activities and provide remediation recommendations.
• Develop detailed technical reports and brief findings to senior government leadership, including SES and Flag Officer-level stakeholders.
• Mentor and develop junior threat hunters and analysts, fostering technical growth and knowledge sharing across the team.
• Support a Department of Defense Cyber Security Service Provider (CSSP) environment responsible for defending some of the federal government's most critical networks.