Senior Threat Hunter
SOSi, Washington, District of Columbia, United States
Company Description
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Job Description
Overview
SOSi is seeking a Senior Threat Hunter to support proactive cyber defense activities in alignment with our customer. This role is responsible for conducting threat hunting operations, analyzing data from multiple sources to identify malicious activity, supporting detection and response efforts, and applying advanced analytical techniques to improve cyber defense operations.
Responsibilities Conduct proactive threat hunting to identify malicious activity, indicators of compromise, and anomalous behavior across the enterprise Analyze data from logs, sensors, endpoint detection and response (EDR) tools, and full packet capture (PCAP) sources to detect threats Apply threat hunting methodologies using MITRE ATT&CK and MITRE D3FEND frameworks Support detection, analysis, and response to cyber threats in coordination with SOC and incident response teams Perform analysis of TCP/IP traffic, intrusion detection system (IDS) data, malware activity, and adversary tactics, techniques, and procedures (TTPs) Use scripting and query tools to support threat analysis, data hunting, and development of analytical outputs Support development of threat hunting products, reporting, and recommendations to improve cyber defense detection and monitoring Qualifications
Experience:
Five (5) or more years of experience in data hunting, manipulation, and presentation Management or team lead experience Experience with MITRE ATT&CK and MITRE D3FEND Experience analyzing TCP/IP, IDS data, PCAP, logs, and sensor data Experience supporting malware analysis Experience with Endpoint Detection and Response (EDR) tools Experience with scripting or query languages including R, Python, PIG, HIVE, or SQL
Education:
Bachelor's Degree (Bachelor's Degree may be substituted with additional 4+ years of experience as approved by Government)
Certifications: One of:
CISSP (Associate) CCSP SSCP GCIH GNFA GCIA
Plus one DoD 8570 CSSP certification in: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder Clearance/Suitability : Secret (active), Top Secret, SCI Eligible Additional Information
Work Environment
Normal office conditions with potential to perform duties in deployed locations. Core hours of operation are Monday through Friday, 0600 - 1700. May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Job Description
Overview
SOSi is seeking a Senior Threat Hunter to support proactive cyber defense activities in alignment with our customer. This role is responsible for conducting threat hunting operations, analyzing data from multiple sources to identify malicious activity, supporting detection and response efforts, and applying advanced analytical techniques to improve cyber defense operations.
Responsibilities Conduct proactive threat hunting to identify malicious activity, indicators of compromise, and anomalous behavior across the enterprise Analyze data from logs, sensors, endpoint detection and response (EDR) tools, and full packet capture (PCAP) sources to detect threats Apply threat hunting methodologies using MITRE ATT&CK and MITRE D3FEND frameworks Support detection, analysis, and response to cyber threats in coordination with SOC and incident response teams Perform analysis of TCP/IP traffic, intrusion detection system (IDS) data, malware activity, and adversary tactics, techniques, and procedures (TTPs) Use scripting and query tools to support threat analysis, data hunting, and development of analytical outputs Support development of threat hunting products, reporting, and recommendations to improve cyber defense detection and monitoring Qualifications
Experience:
Five (5) or more years of experience in data hunting, manipulation, and presentation Management or team lead experience Experience with MITRE ATT&CK and MITRE D3FEND Experience analyzing TCP/IP, IDS data, PCAP, logs, and sensor data Experience supporting malware analysis Experience with Endpoint Detection and Response (EDR) tools Experience with scripting or query languages including R, Python, PIG, HIVE, or SQL
Education:
Bachelor's Degree (Bachelor's Degree may be substituted with additional 4+ years of experience as approved by Government)
Certifications: One of:
CISSP (Associate) CCSP SSCP GCIH GNFA GCIA
Plus one DoD 8570 CSSP certification in: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder Clearance/Suitability : Secret (active), Top Secret, SCI Eligible Additional Information
Work Environment
Normal office conditions with potential to perform duties in deployed locations. Core hours of operation are Monday through Friday, 0600 - 1700. May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.