Cyber Threat Hunter
cFocus Software Incorporated · Washington, District Of Columbia, US
Job description
cFocus Software seeks a Mid Level Cyber Threat Hunter to join our program supporting US Courts in Washington, DC. This position is 4 days a week onsite in DC and one day remote.

Required Qualifications include:
- 3-5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
- 3-5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security.
- 3-5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd)
- 3-5 years of experience with the following threat hunting tools:
  - Microsoft Sentinel for threat hunting within Microsoft Azure;
  - Tenable Nessus and SYN/ACK for vulnerability management;
  - NetScout for analyzing network traffic flow;
  - SPUR.us enrichment of addresses
  - Mandiant Threat intel feeds
- Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washington, DC

Duties:

Deliverables:

One of the following certifications:
- GIAC Certified Intrusion Analyst (G...