Назад
Company hidden
5 дней назад

Cyber Threat Hunter (Cybersecurity)

Формат работы
hybrid
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Cyber Threat Hunter (Cybersecurity): Proactively identifying and investigating security anomalies across cloud and on-premise environments with an accent on hypothesis-based threat hunting and incident response. Focus on utilizing Splunk, EDR tools, and agile methodologies to detect sophisticated threat actor activity within the US Courts judicial fabric.

Location: Must be based in Washington, DC; 80% onsite (Monday-Thursday) required.

Company

hirify.global is a technology services provider supporting government agencies and judicial programs.

What you will do

  • Conduct hypothesis-based threat hunts to identify anomalies indicative of threat actor activity.
  • Perform incident response activities and triage malware events to determine root causes.
  • Develop and document custom detection logic and Splunk searches for automated threat detection.
  • Configure, deploy, and troubleshoot EDR agents like CrowdStrike and Sysmon.
  • Manage and document cyber defense incidents from initial detection through final resolution.
  • Participate in daily Agile Scrum standups and report progress via Jira.

Requirements

  • 5+ years of experience in threat hunting and incident response for cloud and non-cloud environments.
  • 5+ years of experience utilizing Splunk Enterprise Security for queries and look-up tables.
  • 5+ years of experience with EDR agents (CrowdStrike) and custom scripts (Sysmon, Auditd).
  • Proficiency with Microsoft Azure, O365, Active Directory, and Zscaler.
  • Must be able to work 80% onsite at the AOUSC office in Washington, DC.
  • Experience with vulnerability management and network traffic analysis tools.

Nice to have

  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Continuous Monitoring (GMON)
  • GIAC Defending Advanced Threats (GDAT)
  • Splunk Core Power User certification

Culture & Benefits

  • Support for critical US government judicial infrastructure.
  • Agile-driven project environment.
  • Opportunity to work with advanced security intelligence feeds and tools.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →