Threat Lead

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

Requisition #: 1434

Job Title:

Threat Hunt Lead

Location:

Reston, VA

Clearance Level: TS (SCI Eligible)

GIAC, GCIH or CEH

Agile Defense is seeking an accomplished Threat Hunt Lead to support USG enterprise cybersecurity programs delivering 24/7/365 Cybersecurity Operations Center (SOC) services. To ensure the integrity, security and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables.

These positions will focus on threat analysis, detection content development, malware analysis, support incident response and actioning Cyber Threat Intelligence (skills in more than one cyber discipline are preferred).

Leads threat hunting across large enterprise environments, leveraging cyber threat intelligence (CTI) to design TTP or hypothesis hunts and collaborating with detection engineering, incident response, and asset owners to validate and remediate findings. Plan, schedule and execute hunts based on adversary tactics, techniques, and procedures (TTPs); pivot across host, cloud and network telemetry to uncover unknown threats. Develop and interpret detections and analytics, coordinate remediation efforts with asset owners and incident response teams.

Communicate significant findings to USG leadership; maintain a prioritized hunt backlog and track success metrics.

GCIA, GCIH or GFCA OR CEH

Bachelor’s degree in computer science, Engineering, STEM, Information Technology, or Cybersecurity

A minimum of five (5) years of experience as a Tier 3 senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal. A minimum of five (5) years of hands‑on experience with experience in the last two (2) years that includes host and network‑based security monitoring using cybersecurity capabilities.

Applicant will possess a strong cyber security background with experience in host and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, malware identification, and security content development (e.g., signatures, rules, queries etc.).

Shall have experience interpreting a variety of scripts or programming languages to support cyber threat hunts or malware analysis in a variety of formats, such as VB scripts, Python, Power Shell, JavaScript, and HTML, XML or other types needed for analysis.

Candidates will have experience in conducting cyber threat hunt analysis, utilizing cyber threat intelligence to identify and prioritize tactics, techniques, and procedures to hunt against.

Have a deep knowledge of capabilities and experience with security information and event management (SIEM) and networked-device management tools such as Splunk and EDR solutions.

Candidates will have experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization’s IT operating environment.

Will work with the Cyber Threat Intelligence team to report significant findings of importance to leadership as well as coordinate with Pentest team and asset owners to deconflict findings.

Candida…