Cyber Threat Hunter

Description

Are you ready to make an impact? Come help us solve some of our customer's most vexing problems.

The Leidos Digital Modernization sector has an exciting career opportunity for a Principal Cyber Threat Hunter. This position will support a large Department of Defense (DOD) Cyber Security Service Providers (CSSP) and is responsible for proactively identifying, investigating, and mitigating complex cyber threats across our subscribers' networks. Leveraging a deep knowledge of the threat landscape, the Principal Cyber Threat Hunter will enhance our cybersecurity posture, implement advanced detection strategies, and test various hunting hypotheses to identify and neutralize threats to the DODIN. C5ISR CSSP provides network operations and cyber defense for CSSP subscribers. IYour work will be performed on site in Adelphi, MD. Your best work is ahead!

• Support a threat team that performs threat hunting, host/network analysis, incident, trend analysis, content development, and detection engineering.
• Conduct proactive threat hunting across our subscribers' networks, identifying and investigating potential threats before they can cause damage or disruption.
• Leverage new and existing cybersecurity tools and methodologies to detect, analyze, and mitigate cyber threats, integrating threat intelligence into sensing infrastructure.
• Identify threat actor tactics, techniques and procedures and develop countermeasures (such as custom signatures and correlation logic) to detect and/or mitigate adversary activity.
• Collaborate with internal and external stakeholders, including IT, network, and security teams, to improve the overall cybersecurity posture of subscriber systems.
• Keep abreast of the latest cybersecurity threats, trends, and technologies, providing recommendations to improve threat detection and response capabilities.
• Develop and deliver cybersecurity training for the threat hunting team, network defense team, and other relevant staff to increase their understanding and response capabilities.
• As a senior member of the team, serve as a mentor, promoting professional growth and a culture of continuous learning and improvement.
• Oversee the creation of detailed reports on findings and remediation actions, communicating effectively with senior management and relevant stakeholders.
• Participate in incident response operations as an expert when high severity incidents occur, recommending remediation actions based on the analysis of the threat.

• MS degree and 15 years of prior relevant experience (degree can be substituted by professional work experience)
• 20+ years of cybersecurity experience
• 10+ years of threat hunting and/or purple/blue-team experience
• Currently possess an active TS/SCI security clearance.
• 8570 IAT I & IAM II (e.g. Security+), and CSSP Analyst certification (e.g. CEH, GCIH, etc.)
• Excellent written, verbal, and interpersonal communication skills with the ability to brief senior leadership (SES & Flag-officer) leadership on cyber threat activity and cybersecurity trends as-needed.

• Penetration testing experience
• Experience working for a Cybersecurity Service Provider (CSSP) or Security Operations Center (SOC)
• Experience using a prominent Security Information and Event Management (SIEM) tool (e.g. Splunk, Elasticsearch, Graylog, etc.)
• Custom signature development experience
• Packet analysis experience
• Microsoft Sentinel experience