Threat Hunting Lead [JOB ID: 20240315]
Job Description
Phoenix Cyber is looking for a Threat Hunting Lead to join our client delivery team. This position is onsite at the client location in the Washington, DC area with the possibility of remote work. Working hours are normal business hours, between 0700 and 1800 ET, Monday through Friday. Travel outside of the Washington, DC area is not anticipated.
Responsibilities:
- Manages staff proactively assessing data collected from a variety of cyber defense tools (e.g., IPS alerts, firewall logs, network traffic logs, host-based security logs, etc.) to analyze events that occur within their environments for the purposes of identifying and mitigating threats.
Qualifications:
- 5 years’ experience in a lead role managing a Security Operations Center or Threat Hunting team.
- 3 years’ experience performing proactive threat hunting duties.
- Certifications: GCTI (Global Information Assurance Certification [GIAC] Cyber Threat Intelligence), GCFA (GIAC Certified Forensic Analyst), GNFA (GIAC Network Forensic Analyst), or equivalent.
- 3 years’ experience leveraging SIEM and SOAR products (Microsoft Sentinel preferred) in support of threat hunting duties.
- Knowledge of intelligence frameworks, processes, and related systems, as well as cyber intelligence/information repositories.
- Knowledge of cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects, as well as the cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Ability to synthesize complex information and communicate analysis in written products and verbal presentations.
- Ability to work independently.
- Ability to devise and implement creative solutions.
- Ability to represent the organization in intra- and inter-agency meetings, and with external partners.
Phoenix Cyber is a national provider of cybersecurity engineering services, operations services, sustainment services and managed security services to organizations determined to strengthen their security posture and enhance the processes and technology used by their security operations team.
Phoenix Cyber is an equal opportunity employer and complies with Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act (VEVRAA), all amendments to these regulations, and applicable executive orders, federal, and state regulations. Applicants are considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, and/or veteran status.
Phoenix Cyber participates in E-Verify to confirm the employment eligibility of all newly-hired employees. To learn more about E-Verify, including your rights and responsibilities, go to https://www.e-verify.gov/
Date Posted
03/15/2024