cFocus Software Incorporated

AOUSC - Threat Hunt Lead

$120K — $150K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Active Public Trust clearance is required for the role.
  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • Minimum of 5 years in Incident Response within a large Security Operations Center, with at least 3 years focused on proactive threat hunting.
  • At least 3 years of proven experience in forming hypotheses, querying datasets, and identifying APT behavior.
  • 2+ years utilizing scripting languages like Python and PowerShell to create tools.
  • Possession of active OSCP or GXPN certification.

Responsibilities

  • Lead proactive threat hunting to uncover APTs, insider threats, and other malicious activities.
  • Develop and execute data-driven threat hunt strategies using threat intelligence and behavioral analytics.
  • Coordinate threat hunt activities in Agile sprints, ensuring effective outcome execution.
  • Craft Threat Hunt Execution Plans outlining hypotheses, objectives, methodologies, and procedures.
  • Analyze diverse telemetry sources to spot indicators of compromise and attack patterns.
  • Collaborate with Cybersecurity teams to escalate threats according to established protocols.
  • Advise on detection and visibility gaps during threat hunts.
  • Conduct in-depth analyses of emerging threat behaviors and attack trends.
  • Produce detailed reports outlining findings, recommendations, and operational impacts of hunt activities.

Benefits

  • Hybrid work environment located in Washington, DC.
  • Opportunity to work on high-impact cybersecurity initiatives.
  • Engagement with federal stakeholders and court systems.
  • Mentorship role with junior analysts and team members.
  • Access to cutting-edge security technologies and methods.

Full Job Description

cFocus Software seeks a Threat Hunt Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). This position is Hybrid with the onsite location being in Washington, DC. This position requires a Public Trust clearance.

Qualifications:
  • Active Public Trust clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years within IR in a large SOC (over 5,000 endpoints) with at least 3 years focused on proactive threat hunting or adversary emulation.
  • 3+ years of experience with demonstrated proficiency in forming hypotheses, querying large datasets and identifying APT behavior.
  • 2+ years' experience with demonstrated proficiency in scripting languages including Python and PowerShell to develop new tools.
  • This role most closely aligns with the NICE work role PD-WRL-006 (Threat Analysis).
  • Active OSCP or GXPN certification

Duties:
  • Lead proactive threat hunting operations to identify Advanced Persistent Threats (APT), insider threats, malicious activity, and anomalous behaviors that evade traditional security controls.
  • Develop and execute hypothesis-driven threat hunts leveraging threat intelligence, adversary tactics, techniques, and procedures (TTPs), behavioral analytics, and anomalous telemetry.
  • Coordinate threat hunt activities within Agile two-week sprint cycles and ensure successful execution of all assigned hunt objectives and deliverables.
  • Develop Threat Hunt Execution Plans that define hunt hypotheses, objectives, technical methodologies, required telemetry, and investigative procedures.
  • Analyze endpoint, network, cloud, identity, SIEM, EDR, and log telemetry to identify indicators of compromise (IOCs), suspicious activity, and attack patterns.
  • Coordinate and escalate confirmed or suspected findings to the Cybersecurity Triage and Incident Response teams in accordance with the Judiciary SOC Incident Response Plan (JSOCIRP).
  • Collaborate with Detection Engineering teams to identify and remediate logging, telemetry, detection, or visibility gaps discovered during threat hunting operations.
  • Work closely with Cyber Threat Intelligence teams to operationalize intelligence, enrich investigations, and identify emerging threats impacting the Judiciary.
  • Conduct advanced analysis of threat actor behaviors, malware campaigns, phishing activity, suspicious infrastructure, and attack trends.
  • Develop detailed Threat Hunt Reports documenting hunt objectives, findings, TTPs, queries used, telemetry gaps, identified risks, and recommendations for improved detections.
  • Produce executive-level Hunt Sprint Reports summarizing hunt activities, operational impacts, recommendations, and emerging cybersecurity risks.
  • Provide real-time investigative support during cybersecurity incidents and high-priority threat investigations.
  • Perform analysis utilizing Splunk Enterprise Security, Microsoft Sentinel, Splunk SOAR, CrowdStrike, Qualys, ServiceNow, Jira, and other AO-approved security platforms.
  • Support the development and refinement of threat models tailored to Judiciary systems, high-value assets, and mission-critical environments.
  • Develop and maintain threat hunting SOPs, playbooks, technical procedures, and investigative methodologies aligned with AO and federal cybersecurity standards.
  • Support enterprise security awareness initiatives through threat briefings, technical reporting, and operational presentations.
  • Participate in weekly technical meetings, operational reviews, and status briefings with AO leadership and federal stakeholders.
  • Provide mentorship, technical guidance, and quality oversight to threat hunters and supporting analysts.
  • Support transition-in and transition-out activities, operational readiness, documentation development, and knowledge transfer activities.
  • Drive continuous improvement initiatives focused on detection coverage, telemetry enrichment, operational efficiency, and threat hunting maturity.

About cFocus Software Incorporated

Established in 2006, cFocus Software has provided IT services to Federal Government agencies for over 10 years. And they’re just getting started! Follow them as they continue to innovate and serve their federal government customers.

cFocus Software Incorporated Careers

Joining cFocus Software Incorporated presents an unparalleled opportunity to become part of a leading team of professionals dedicated to pioneering innovations in the technology sector. As a company renowned for its commitment to excellence and growth, cFocus Software Incorporated offers a range of job opportunities designed to empower career advancement and professional development.

Explore Career Opportunities

cFocus Software Incorporated is actively hiring and offers a variety of positions that cater to a range of skills and experiences. Whether you're looking for an entry-level role or a senior leadership position, cFocus Software Incorporated provides a platform to enhance your career. Explore open positions that align with your professional interests and expertise.

Innovative Work Environment

cFocus Software Incorporated is committed to innovation and leadership in the technology industry. The company encourages a culture of creativity and problem-solving, where each team member’s contribution is valued. Professionals at cFocus Software Incorporated work on cutting-edge projects that push the boundaries of technology and have a lasting impact on clients and communities.

Professional Growth and Development

cFocus Software Incorporated believes in nurturing the growth of its employees through comprehensive professional development and diversity training programs. These initiatives ensure that every team member has the tools and knowledge necessary to succeed. Employees are encouraged to take on challenging projects that foster personal and professional growth.

Internship Programs

For those starting their careers, cFocus Software Incorporated offers internship programs that provide a robust foundation in technology and business practices. Interns gain hands-on experience, working alongside seasoned professionals and participating in projects that offer real-world applications and outcomes.

Benefits and Culture

cFocus Software Incorporated is dedicated to supporting its employees with a competitive array of benefits. The company prioritizes work-life balance, health, and well-being, ensuring that the team can perform at its best. cFocus Software Incorporated's inclusive culture promotes diversity and equal opportunity, making it a great place to work for individuals from all backgrounds.

Networking and Leadership Opportunities

Employees at cFocus Software Incorporated have numerous opportunities to engage in networking and leadership activities. These opportunities allow for career advancement and the development of new skills through interaction with industry leaders and peers.

Applying for a Position

To apply for a position at cFocus Software Incorporated, candidates should prepare their resume to highlight relevant experience and skills. The interview process is designed to assess fit both for the role and the company culture. cFocus Software Incorporated seeks passionate, curious, and innovative team players who are ready to drive change.

Stay Connected with cFocus Software Incorporated Careers

Keep up to date with the latest from cFocus Software Incorporated by following the careers blog. Gain insights from industry leaders and get tips on everything from crafting your resume to acing your next interview.

Join the cFocus Software Incorporated Team

Search for job opportunities and find the position that matches your skills and passions. With cFocus Software Incorporated, embark on a rewarding career path filled with excellent benefits, a supportive culture, and endless opportunities for growth.

Size: 11 employees