cFocus Software seeks a Threat Hunter to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance. Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
Minimum 5–8 years of experience in threat hunting, incident response, or SOC operations.
Hands-on experience with enterprise SIEM, EDR, and network security tools.
Strong understanding of MITRE ATT&CK, kill chain analysis, and adversary behaviors.
Experience analyzing large-scale security telemetry and logs.
Knowledge of NIST SP 800-61, NIST SP 800-53, and federal incident response requirements.
Strong analytical, scripting, and technical writing skills.
Active GCED, GCTI, GCIA, or CISSP (preferred).
Duties:
Conduct proactive, hypothesis-driven threat hunting to identify advanced persistent threats, insider threats, and stealthy adversary activity.
Analyze system, endpoint, network, cloud, and application telemetry to identify anomalous behaviors.
Develop and refine threat hunting hypotheses based on threat intelligence, MITRE ATT&CK techniques, and observed trends.
Perform in-depth log analysis using SIEM and security analytics platforms.
Identify, analyze, and validate Indicators of Compromise (IOCs) and adversary TTPs.
Collaborate with SOC Analysts and Incident Responders to escalate confirmed threats.
Develop and tune detection rules, correlation searches, and behavioral analytics.
Produce weekly threat hunting reports documenting methodologies, findings, and recommendations.
Support malware analysis and reverse engineering activities when required.
Integrate threat intelligence feeds from HHS CSIRC, CISA, and other trusted sources.
Assist in containment, eradication, and remediation activities during confirmed incidents.
Support incident response playbooks, SOP updates, and continuous improvement initiatives.
Participate in cyber exercises, tabletop exercises, and red/purple team engagements.
Maintain documentation for threat hunting workflows, tools, and techniques.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Sales, General Business, and Education
Industries
Wireless Services, Telecommunications, and Communications Equipment Manufacturing
Referrals increase your chances of interviewing at cFocus Software Incorporated by 2x