Company hidden
20 hours ago

CBO - Tier 3 / Threat Hunter (Cybersecurity)

Work format
remote (USA only)
Job type
fulltime
Grade
senior
English
b2
Country
US
Vacancy from the Hirify Global list of international tech companies

Job description

TL;DR

Threat Hunter (Cybersecurity): Performing proactive threat hunting and advanced incident investigations for the Congressional Budget Office, with an emphasis on KQL detection logic and multi-source telemetry correlation. Focus on root cause analysis, forensic investigations, and refining detection use cases based on the MITRE ATT&CK framework.

Location: Remote (US). Must have active Public Trust clearance

Company

hirify.global provides specialized IT and cybersecurity support for government agencies, including the Congressional Budget Office.

What you will do

  • Conduct proactive threat hunting across identity, endpoint, network, and cloud telemetry.
  • Lead advanced incident investigations, including root cause and forensic analysis.
  • Develop and tune detection logic and analytics within Microsoft Sentinel using KQL.
  • Correlate multi-source telemetry aligned to the MITRE ATT&CK framework.
  • Analyze logs from Microsoft Defender, AWS, firewalls, and VPNs.
  • Collaborate with Tier 1 and Tier 2 analysts to optimize triage and escalation processes.

Requirements

  • Active Public Trust clearance.
  • B.S. in Computer Science, IT, or a related field.
  • 7+ years of experience in cybersecurity operations, threat hunting, or incident response.
  • Proficiency with Microsoft Sentinel, KQL, and Microsoft Defender XDR.
  • Experience analyzing logs in cloud (AWS), network, and endpoint environments.
  • Deep knowledge of the MITRE ATT&CK framework and adversary techniques.

Nice to have

  • Certifications such as GCIA, GCIH, CISSP, or CEH.
  • Microsoft security platform certifications.
  • Relevant cloud security certifications (e.g., AWS security).
  • Privacy certifications like CIPP/US or CIPM.

Be careful: if an employer asks you to log into their system using iCloud/Google, to send them a code/password, or to run code/software, do not do it - these are scammers. Be sure to click "Report" or contact support. See the guide for details.