Threat Hunt Lead

About Agile Defense   At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.   Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests. Requisition #: 1434 Job Title: Threat Hunt Lead Location: Reston, VA Clearance Level: TS (SCI Eligible) Required Certification(s): GIAC, GCIH or CEH   SUMMARY   Agile Defense is seeking an accomplished Threat Hunt Lead to support USG enterprise cybersecurity programs delivering 24/7/365 Cybersecurity Operations Center (SOC) services. To ensure the integrity, security and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. These positions will focus on threat analysis, detection content development, malware analysis, support incident response and actioning Cyber Threat Intelligence (skills in more than one cyber discipline are preferred).   JOB DUTIES AND RESPONSIBILITIES   Leads threat hunting across large enterprise environments, leveraging cyber threat intelligence (CTI) to design TTP or hypothesis hunts and collaborating with detection engineering, incident response, and asset owners to validate and remediate findings. Plan, schedule and execute hunts based on adversary tactics, techniques, and procedures (TTPs); pivot across host, cloud and network telemetry to uncover unknown threats. Develop and interpret detections and analytics, coordinate remediation efforts with asset owners and incident response teams. Communicate significant findings to USG leadership; maintain a prioritized hunt backlog and track success metrics.   QUALIFICATIONS Required Certifications   GCIA, GCIH or GFCA OR CEH Education, Background, and Years of Experience Bachelor’s degree in computer science, Engineering, STEM, Information Technology, or Cybersecurity   ADDITIONAL SKILLS & QUALIFICATIONS Required Skills   A minimum of five (5) years of experience as a Tier 3 senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal. A minimum of five (5) years of hands-on experience with experience in the last two (2) years that includes host and network-based security monitoring using cybersecurity capabilities.   Applicant will possess a strong cyber security background with experience in host and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, malware identification, and security content development (e.g., signatures, rules, queries etc.).   Shall have experience interpreting a variety of scripts or programming languages to support cyber threat hunts or malware analysis in a variety of formats, such as VB scripts, Python, PowerShell, JavaScript, and HTML, XML or other types needed for analysis.   Candidates will have experience in conducting cyber threat hunt analysis, utilizing cyber threat intelligence to identify and prioritize tactics, techniques, and procedures to hunt against.   Have a deep knowledge of capabilities and experience with security information and event management (SIEM) and networked-device management tools such as Splunk and EDR solutions.   Candidates will have experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization’s IT operating environment.   Will work with the Cyber Threat Intelligence team to report significant findings of importance to leadership as well as coordinate with Pentest team and asset owners to deconflict findings.   Candidate will lead the Cyber Threat Hunt team to propose corrective actions and inform the necessary parties of security issues, reportable offenses, or cybersecurity best practices. Candidate will have strong written and oral communication skills   Preferred Skills   GFCA, GREM, GFNA,OSCP, GPEN   WORKING CONDITIONS Environmental Conditions   Hybrid in Reston, VA Strength Demands Physical Requirements