Cyber Threat Hunter
MANTECH · McLean, VA · 4 days ago
On-siteInformation TechnologyFull-time
Responsibilities
- Conducting proactive threat hunting using the HMM-4 approach and MITRE ATT&CK framework.
- Developing and refining hypotheses for targeted threat hunts based on threat intelligence, internal data, and analysis of attacker tactics, techniques, and procedures (TTPs).
- Collaborating with internal teams to collect and analyze security event data from various sources, such as logs, alerts, network traffic, and endpoint telemetry.
- Utilizing cutting-edge tools and technologies to identify indicators of compromise (IOCs) and anomalies that may indicate potential threats.
- Performing in-depth analysis of identified threats, assessing their impact, and recommending appropriate mitigation and response strategies.
- Documenting investigative objectives and producing detailed reports on findings, including root cause analysis, recommendations for remediation, and enhanced detections where defensive gaps are identified.
- Staying up to date with the latest cyber threats, attack techniques, and security technologies through continuous learning and knowledge sharing.
Requirements
- 2+ years of professional experience as a cyber security analyst, incident responder, and/or other closely related cyber security discipline.
- Experience with SIEM platforms, EDR solutions, network traffic analysis, and an understanding of cloud environments (AWS, Azure, etc.).
- Experience with problem-solving skills with the ability to translate complex technical findings in a clear, complete, and accurate manner for technical and non-technical audiences.
- Relevant industry certifications and a solid foundation in network protocols and Microsoft Windows endpoint security.
Preferred Qualifications
- Bachelor’s degree in cyber security/information security, computer science, engineering, or other closely related IT discipline.
- 4+ years of professional experience in a cyber-security related capacity.
- Demonstrated understanding of or proficiency in using cyber threat hunting models, the MITRE ATT&CK framework, and mapping adversary TTPs to observed activities.
- More advanced industry-relevant professional certifications (e.g., CISSP, GCIH, CThH, CySA+).
Clearance Requirements
An active TS/SCI with Polygraph is required for this position.
Physical Requirements
Must be able to remain in a stationary position 50%. Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.