The Threat Hunt (TH) Lead oversees a team responsible for proactively assessing data collected from various cyber defense tools and analyzing events within organizational environments in order to identify and mitigate threats. This role requires a deep understanding of cyber threats and advanced persistent threats (APTs), and the ability to leverage a variety of tools and techniques to hunt for indicators of compromise (IOCs) and adversary tactics, techniques, and procedures (TTPs).
Education & Experience
- Bachelor’s degree (preferred).
- Minimum 10 years of overall IT experience.
- 5 years of experience in a lead role managing a Security Operations Center or Threat Hunting team.
- 3 years of experience performing proactive threat hunting duties.
- 3 years of experience leveraging SIEM and SOAR products (Microsoft Sentinel preferred) for threat hunting duties.
- Knowledge of intelligence frameworks, processes, and cyber intelligence/information repositories.
- Understanding of cyber operations concepts, terminology, principles, capabilities, and limitations.
- Ability to synthesize complex information and communicate analysis effectively.
- Independent work capability and creative problem-solving skills.
- Strong representation skills in intra- and inter-agency meetings and with external partners.
Certifications
- At least one relevant industry certification, such as GCTI (Global Information Assurance Certification [GIAC] Cyber Threat Intelligence), GCFA (GIAC Certified Forensic Analyst), GNFA (GIAC Network Forensic Analyst), GIAC Security Expert (GSE), or equivalent.
Security Clearance
- Candidate must be a US Citizen.
- DHS Customer will perform and adjudicate customer background investigation prior to work start.
- Candidate must be eligible for potential Top Secret or Top Secret with SCI.
- Active Top Secret Clearance (Preferred).
Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)
- Local travel within 50-mile radius of Washington, DC may be required.
- Work location in Washington DC with Telework/Remote work authorized at Customer discretion.
Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Aaron McClellan in Human Resources at 314.952.5138 or [email protected].