Position Description
The Cyber Hunt Senior Analyst provides senior technical leadership for the client Cyber Hunt mission within the Cybersecurity Services Division. The analyst directs proactive threat hunting, advises on adversary emulation and Purple Team exercises, and shapes the detection frameworks the Security Operations Center uses to find hidden threats across client systems. The role connects the client's hunt activities to national-level threat intelligence sharing through CISA, the Joint Cyber Defense Collaborative, sector ISACs, and partner federal SOCs.
Location: The Cyber Hunt Senior Analyst can expect 100% telework. Remote work requires a high level of trust in our employees, and we strictly adhere to the details outlined in our Remote Work Policy below.
Eligibility Requirements: U.S. Citizenship is required due to federal contract obligations, along with the ability to successfully pass a federal background investigation.
Required Experience:
- Twelve or more years of experience in cybersecurity and threat intelligence.
- Deep working knowledge of behavioral analytics, threat actor profiling, and detection engineering.
- Hands-on experience with the MITRE ATT&CK framework and CISA threat hunting guidance, including applying ATT&CK techniques to hunt hypotheses and detection logic.
- Practical experience with EDR, NDR, and SIEM platforms in large enterprise or federal environments.
- Familiarity with NIST SP 800-61 Rev. 2, NIST SP 800-150 (Guide to Cyber Threat Information Sharing), and FISMA requirements as they apply to threat hunting and incident response.
- Experience participating in federal threat intelligence sharing programs such as CISA JCDC, DHS AIS, sector ISACs, and FBI InfraGard.
- Strong written and verbal communication skills, including the ability to produce executive-level threat briefings and technical detection documentation.
- Required to obtain and maintain a Non-Sensitive / High Risk (Public Trust) security clearance, Tier 4/6c.
Preferred Qualifications:
- At least one of the following certifications: CISSP, GCIH, GCFA, GREM, GCTI, or GCIA.
- Experience supporting federal SOC operations under FISMA, NIST, and CISA guidance.
- Familiarity with AWS GovCloud telemetry and cloud-native detection patterns.
- Experience leading Purple Team engagements and translating findings into improved detection coverage.
- Experience producing threat actor profiles and campaign tracking against advanced persistent threats (APTs).
Responsibilities:
- Provide strategic oversight and technical leadership for threat hunting, Cyber Threat Intelligence (CTI), and SOC analysts across Tier 1 through Tier 3 operations.
- Advise on threat modeling, adversary emulation, and Purple Team exercises that test client detection coverage against current attacker tactics, techniques, and procedures (TTPs).
- Lead development of threat detection frameworks and behavioral analytics aligned with MITRE ATT&CK, MITRE D3FEND, and CISA threat hunting guidance.
- Direct hypothesis-driven and analytics-based hunt missions using Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and SIEM telemetry to surface lateral movement, command-and-control activity, and other adversary behaviors.
- Support inter-agency collaboration and national-level threat intelligence sharing through CISA JCDC, DHS Automated Indicator Sharing (AIS), sector ISACs, FBI InfraGard, and partner federal SOCs.
- Correlate enriched indicators of compromise (IOCs) and TTPs with internal telemetry, then translate findings into new detection rules, playbooks, and runbook updates.
- Build and maintain the Cyber Hunt knowledge base of IOCs and detection efficacy data, sharing relevant findings with partner SOCs and client stakeholders.
- Produce monthly threat actor profiles, weekly threat briefings, and ad hoc alerts within two hours of a validated threat discovery, tailored for both technical and executive audiences.
- Update Cyber Hunt standard operating procedures, playbooks, and runbooks at least quarterly, or sooner when a gap or improvement is identified.
- Mentor SOC analysts and junior hunters on behavioral analytics, threat actor profiling, and detection engineering.
- Represent client Cyber Hunt in inter-agency threat intelligence exchanges, including at least one exchange per quarter, to keep client aligned with national cybersecurity priorities.
Benefits Snapshot (includes, but not limited to)
Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees
Valiant contributes 25% towards Health Coverage for Family and Dependents
100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees
100% Paid Certifications
401K Matching up to 4%
Paid Time Off
Paid Federal Holidays
Wellness & Fitness Program
Valiant University - Online Education and Training Portal
FSA programs for: Medical Costs, Dependent Care, Transit, and Parking
Referral Bonuses
Remote Work Policy
Remote work necessitates a high level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that aligns with those of their coworkers and Valiant's clients. In alignment with Valiant's inclusive and engaging environment, cameras are encouraged and can be required to be on during virtual video conferences. Additionally, in alignment with the Office of the Inspector General's effort to eliminate conflicting employment, all Valiant employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval. Employees may not solicit or conduct any outside business during core business hours for Valiant Solutions and our clients.
Physical Demands
Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Authorization to Share Resume and Personal Information
By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.