Stondoh LLC.
Cyber Threat Hunt & Forensics Analyst
Stondoh LLC., Washington, District of Columbia, US, 20022

Stondoh Secure Digital Solutions is seeking a Cyber Threat Hunt & Forensics Analyst to:

Ingest and analyze multi-source threat intelligence, including adversary research and MITRE ATT&CK-mapped Tactics, Techniques, and Procedures (TTPs), to understand relevant and emerging threats.
Develop and refine threat hypotheses based on intelligence, environmental context, and observed behavioral patterns.
Conduct proactive cyber threat hunting across enterprise networks, endpoints, cloud environments, and log datasets to identify malicious, suspicious, or anomalous activity that evades existing security controls.
Apply deep technical knowledge of network protocols, services, and operating system internals to analyze telemetry, validate hypotheses, and differentiate benign from malicious behavior.
Analyze adversary tradecraft across email, application, cloud, and operating system environments to improve behavioral understanding and detection strategy.
Identify detection gaps and recommend improvements to hunting techniques, analytics, and security monitoring based on hunt outcomes.
Perform forensics and malware analysis, as needed, to validate threat hunting findings and extract supporting Indicators of Compromise (IOCs), including support for forensic evidence preservation when required.

Salary Range: $107,000 – $135,000
Retirement Benefits: 401(k) with 3% Safe Harbor + 3% Employer Match
Clearance Required: Active Secret (Non-SCIF role; occasional secure facility access as needed)

Required Skills

Strong written and verbal communication skills to clearly document findings and communicate technical conclusions.
Ability to apply threat intelligence, including MITRE ATT&CK, to understand adversary behavior and inform hypothesis-driven hunting.
Proficiency in proactive cyber threat hunting across enterprise networks, endpoints, cloud environments, and log datasets.
Ability to develop and refine detections and analytics based on observed adversary behavior and hunt outcomes.
Strong understanding of attacker tradecraft across email, application, and cloud-based threat vectors.