Everforth ECS is seeking a
Cyber Hunt Team Leader who lives in close proximity to the
National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.
Please Note: This position is contingent upon contract award.Salary Range: $140,000 - $160,000
This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a key leader on this program, you will drive the protection of highly sensitive, national-level financial and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.
As the Cyber Hunt Team Leader, you will direct and execute proactive threat hunting operations, leading a skilled team in uncovering advanced threats concealed within complex federal networks and systems. Working closely with SOC analysts, Cyber Threat Intelligence (CTI) teams, and agency stakeholders, you will develop and refine detection strategies, lead threat emulation exercises, and deliver actionable intelligence that reduces risk across the enterprise.
Position Responsibilities:- Lead proactive threat hunting missions and advanced analytics to identify and neutralize threats before they impact agency operations.
- Serve as an incident response lead, proactive/persistent hunt lead, and project/technical lead for the Hunt Team.
- Coordinate with SOC, CTI, and other business partners and government teams to identify and mitigate advanced persistent threats (APTs).
- Develop threat hypotheses, detection logic, and a comprehensive knowledge base of Indicators of Compromise (IoCs).
- Support Purple Team exercises and threat emulation activities to validate and improve the agency's defensive posture.
- Oversee and coordinate analysis and development of capabilities related to network analysis and network device integrity for incident response and proactive threat hunting.
- Lead teams in responding to critical network intrusions across the federal enterprise.
- Provide leadership and program management for large-scale hunt operations, identifying technical roadmaps for the use of new and emerging technologies to maximize hunt capabilities across network, endpoint, and cloud-based environments.
- Develop and continuously improve threat hunting methodologies, playbooks, and standard operating procedures.
- Serve as a trusted liaison between hunt team personnel and agency stakeholders, facilitating clear communication and timely issue resolution.
Present findings, risk recommendations, and threat intelligence to senior government officials in a clear, actionable format.
- U.S. Citizenship required.
- 10+ years of cybersecurity experience, with demonstrated expertise in threat hunting, incident response, and adversary tracking.
- Remote but within close proximity to the NCR.
- Active Public Trust 6c clearance, or the ability to obtain and maintain one.
- At least one of the following certifications: CISSP, GCIH, GCFA, or CEH.
- Hands-on experience with EDR/NDR platforms, SIEM tools, MITRE ATT&CK framework, and threat emulation methodologies.
- Strong understanding of operating systems, networking, and adversary tactics, techniques, and procedures (TTPs).
- Experience leading threat hunting teams within a Security Operations Center (SOC) environment.
- Proven ability to develop threat hypotheses and translate complex technical findings into clear, actionable intelligence for both technical teams and executive audiences.
- Excellent written and verbal communication skills, with a track record of producing high-quality federal security documentation.