Назад
Company hidden
10 часов назад

Threat Hunt Lead (Cybersecurity)

Формат работы
hybrid
Тип работы
fulltime
Грейд
lead
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Threat Hunt Lead (Cybersecurity): Leading proactive threat hunting operations to identify APTs and anomalous behaviors within a large-scale SOC environment with an accent on hypothesis-driven hunting and adversary emulation. Focus on developing execution plans, analyzing complex telemetry across EDR/SIEM platforms, and driving continuous improvement in detection coverage.

Location: Must be based in or able to commute to Washington, DC (Hybrid)

Company

hirify.global provides specialized IT and cybersecurity support services for federal government agencies.

What you will do

  • Lead proactive threat hunting operations to identify APTs, insider threats, and malicious activity.
  • Develop and execute hypothesis-driven threat hunts using threat intelligence and behavioral analytics.
  • Analyze endpoint, network, cloud, and SIEM telemetry to identify indicators of compromise.
  • Coordinate hunt activities within Agile two-week sprint cycles.
  • Collaborate with Detection Engineering to remediate visibility gaps and improve detection coverage.
  • Provide mentorship and technical guidance to threat hunters and supporting analysts.

Requirements

  • Active Public Trust clearance required.
  • B.S. in Computer Science, Information Technology, or related field.
  • 5+ years of experience in IR within a large SOC (5,000+ endpoints).
  • 3+ years of focused experience in proactive threat hunting or adversary emulation.
  • 3+ years of experience in forming hypotheses and querying large datasets.
  • 2+ years of experience with Python and PowerShell for tool development.
  • Active OSCP or GXPN certification.

Culture & Benefits

  • Support for mission-critical federal government systems.
  • Opportunity to work with advanced security platforms including Splunk, Sentinel, and CrowdStrike.
  • Structured Agile environment with clear sprint deliverables.
  • Focus on continuous improvement and threat hunting maturity.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →