Senior Threat Hunter
AI Summary
A Senior Threat Hunter conducts proactive threat hunting, analyzes logs/PCAP/EDR data, and applies MITRE ATT&CK and MITRE D3FEND to identify malicious activity and support incident response.
About this role
Senior Threat Hunter
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
*** This position is contingent upon contract award ***
Overview
SOSi is seeking a Senior Threat Hunter to support proactive cyber defense activities in alignment with our customer. This role is responsible for conducting threat hunting operations, analyzing data from multiple sources to identify malicious activity, supporting detection and response efforts, and applying advanced analytical techniques to improve cyber defense operations.
Responsibilities
- Conduct proactive threat hunting to identify malicious activity, indicators of compromise, and anomalous behavior across the enterprise
- Analyze data from logs, sensors, endpoint detection and response (EDR) tools, and full packet capture (PCAP) sources to detect threats
- Apply threat hunting methodologies using MITRE ATT&CK and MITRE D3FEND frameworks
- Support detection, analysis, and response to cyber threats in coordination with SOC and incident response teams
- Perform analysis of TCP/IP traffic, intrusion detection system (IDS) data, malware activity, and adversary tactics, techniques, and procedures (TTPs)
- Use scripting and query tools to support threat analysis, data hunting, and development of analytical outputs
- Support development of threat hunting products, reporting, and recommendations to improve cyber defense detection and monitoring
Qualifications
- Experience:
- Five (5) or more years of experience in data hunting, manipulation, and presentation
- Management or team lead experience
- Experience with MITRE ATT&CK and MITRE D3FEND
- Experience analyzing TCP/IP, IDS data, PCAP, logs, and sensor data
- Experience supporting malware analysis
- Experience with Endpoint Detection and Response (EDR) tools
- Experience with scripting or query languages including R, Python, PIG, HIVE, or SQL
- Education:
- Bachelor’s Degree
- (Bachelor’s Degree may be substituted with additional 4+ years of experience as approved by Government)
- Certifications:
One of:- GCIH
- GNFA
- GCIA
- Plus one DoD 8570 CSSP certification in:
- CISSP (Associate)
- CCSP
- SSCP
- Clearance/Suitability: Secret (active), Top Secret, SCI Eligible
Additional Information
Work Environment
- Normal office conditions with potential to perform duties in deployed locations.
- Core hours of operation are Monday through Friday, 0600 – 1700.
- May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.
Skills
Explore related jobs
More jobs at SOSi
Similar EDR jobs
Jobs in Washington
Traffic Control TechnicianDynamic Concepts, Inc. · Washington, District of Columbia
Operations ManagerBurjline Builders · Washington, United States
Private Duty Nurse (RN/LPN): All Shifts!Journey Nursing Services · Shoreline, Washington
Customer Service RepresentativeBurjline Builders · Washington, United States
WarehousemanDynamic Concepts, Inc. · Washington, District of Columbia
Bench TechnicianDynamic Concepts, Inc. · Washington, District of Columbia