Senior Threat Hunter
cFocus Software Incorporated · Washington, District of Columbia, US
Job description
cFocus Software seeks a Threat Hunter to support the Administrative Offices of the United States Courts (AOUSC) in Washington, DC. This position will require 4 days a week onsite at the Thurgood Marshall Building and 1 day remote with hours of 8am-4:30pm.

Required Qualifications include:
- Ability to obtain a Public Trust
- 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
- 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security.
- 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd)
- 5 years of experience with the following threat hunting tools:
  - Microsoft Sentinel for threat hunting within Microsoft Azure;
  - Tenable Nessus and SYN/ACK for vulnerability management;
  - NetScout for analyzing network traffic flow;
  - SPUR.us enrichment of addresses
  - Mandiant Threat intel feeds
- Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washingt...