M9Solutions

Senior Threat Hunter

other, full-time, Remote - Secret clearance required
Salary: $60k – $180k/yr
Work type: remote
Job type: full-time
Industry: general

About the role

M9 Solutions is seeking a Senior Threat Hunter to work remotely in support of a government contract for a client located in Washington, DC. An active Secret clearance is required.

Required Skills and Qualifications

  • Active Secret security clearance.
  • Bachelor’s Degree (Bachelor’s Degree may be substituted with additional 4+ years of experience).
  • 5+ years of experience with data hunting/manipulation/presentation.
  • Experience in management or as team leader, managing projects and tasks against tight deadlines.
  • Skill in generating queries and reports.
  • Ability to interpret and incorporate data from multiple tool sources.
  • Skill in conducting queries and developing algorithms to analyze data structures.
  • Knowledge of MITRE ATT&CK and D3FEND frameworks.
  • Knowledge of the TCP/IP networking stack and network IDS technologies.
  • Experience with searching network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunting for Advanced Persistent Threats (APT).
  • Experience with creating reusable hunt tactics and techniques.
  • Knowledge related to the current state of cyber adversary tactics and trends.
  • Knowledge of SIEM search language, search techniques, alerts, dashboards, and report building.
  • Possess strong analytical skills and the ability to effectively research, write, communicate, and brief to varying levels of audiences, including at the executive level.
  • Experience with complex malware analysis.
  • Skill in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, Uuencode, Uniform Resource Locator [URL] encode).
  • Skill in writing scripts using R, Python, PIG, HIVE, SQL, etc.
  • Experience with EDR solutions.
  • Ability to develop, update, and maintain standard operating procedures and other technical documentation.
  • Possess any 1 of: CISSP (associate), CCSP, SSCP, GCIH, GNFA, GCIA, and any from the CSSP Analyst or Infrastructure Support.