Everforth ECS is seeking a
Cyber Hunt Senior Analyst who lives in close proximity to the
National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.
Please Note: This position is contingent upon contract award.Salary Range: $165,000 - $185,000
This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a senior technical expert on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.
As a Cyber Hunt Senior Analyst, you will serve as a principal technical authority across threat hunting, cyber threat intelligence (CTI), and detection engineering operations. Working alongside the Cyber Hunt Team Leader, SOC analysts, and agency stakeholders, you will develop and refine advanced detection frameworks, lead threat emulation activities, and deliver high-impact intelligence that measurably reduces risk across the enterprise. Your expertise will directly shape the agency's ability to detect, respond to, and recover from the most sophisticated adversaries operating in today's threat landscape.
Position Responsibilities:- Provide strategic oversight and technical leadership for threat hunting, CTI, and SOC analysts across the program.
- Advise on threat modeling, adversary emulation, and Purple Team exercises to validate and strengthen the agency's defensive posture.
- Support interagency collaboration and national-level threat intelligence sharing initiatives.
- Lead the development and continuous improvement of threat detection frameworks and advanced analytics capabilities.
- Apply the MITRE ATT&CK framework to map observed adversary behaviors to specific techniques, turning fragmented alerts into clear and actionable threat narratives.
- Develop and refine detection engineering strategies, including hypothesis-driven hunting methodologies and behavioral analytics.
- Support the design and execution of adversary emulation exercises to proactively test and improve detection coverage.
- Conduct deep-dive analysis of threat actor profiles, campaigns, and TTPs to inform defensive priorities.
- Produce high-quality threat intelligence reports and briefings for both technical teams and senior government officials.
- Collaborate with SOC, engineering, and architecture teams to ensure detection logic and hunt findings are operationalized across the enterprise.
- Mentor and provide guidance to junior and mid-level hunt analysts, fostering a culture of continuous learning and technical excellence.
Contribute to the development and maintenance of team playbooks, standard operating procedures, and knowledge management repositories.
- U.S. Citizenship required.
- 12+ years of experience in cybersecurity and threat intelligence, with a demonstrated focus on threat hunting, detection engineering, and adversary analysis.
- Remote but within close proximity to the NCR.
- Active Public Trust 6c clearance, or the ability to obtain and maintain one.
- Deep knowledge of behavioral analytics, threat actor profiling, and detection engineering methodologies.
- Hands-on experience with the MITRE ATT&CK framework, including TTP mapping, detection logic development, and adversary emulation.
- Familiarity with CISA threat hunting guidance and federal cybersecurity standards and frameworks.
- Experience with EDR/NDR platforms, SIEM technologies, and cloud-native security tools.
- Proven ability to translate complex technical findings into clear, actionable language for both technical teams and executive and stakeholder audiences.
- Strong written and verbal communication skills, with a track record of producing high-quality federal security documentation.
- Experience supporting interagency threat intelligence sharing and collaboration within federal environments.