TS​/SCI - Threat Hunter Analyst - On-Site Springfield, VA

Client

A Northern Virginia‑based, small federal technology firm that delivers mission‑critical data management, advanced analytics, application development, and IT services to national security customers.

Hunt Team Member

On‑Site in Springfield, VA

Full‑Time

TS/SCI

• Total schedule will remain 40 hours per week
• You will have 2 consecutive days off each week, regardless of shift mix
• Initial Training Period (first few months): 6 AM – 6 PM, weekdays

• 2–3 weekday shifts: 3 PM – 11 PM
• Weekend shift: one shift between 6 AM – 6 PM
• Additional weekday shifts as needed: 9 AM – 5 PM

We’re looking for a Team Analyst to join our Insider Threat team. In this role, you will proactively hunt for insider threats within the DHS enterprise network. You’ll analyze user behavior, detect unusual activity, and help prevent security incidents.

• Actively search for insider threat activity across logs, network traffic, EDR tools, and platforms.
• Use behavioral analysis and anomaly detection to identify suspicious patterns.
• Work with User and Entity Behavior Analytics (UEBA) tools to detect unusual user activity.
• Combine data from multiple sources (e.g., endpoint, identity, cloud activity) to produce threat insights.
• Experience with machine learning and AI‑based analysis is a plus.

• Create and refine insider threat detection rules based on risk and user behavior.
• Build custom detection alerts and rules using DHS tools.
• Adjust alerts to reduce false positives while keeping strong threat coverage.

• Work closely with forensic analysts, HR, and legal teams during insider threat investigations.
• Assist with triage and response efforts while ensuring evidence is handled properly and privacy is respected.
• Document findings in reports and brief stakeholders on the risk and response.