Gritter Francona

Cyber Threat Hunt Lead

Gritter Francona  •  Ashburn, VA (Onsite)  •  3 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Gritter Francona is looking for a Cyber Threat Hunt Lead to support a potential project with the Department of Homeland Security. The Threat Hunt Lead will build and guide a proactive threat hunting capability for the Department of U.S. Customs and Border Protection (CBP). The Threat Hunt Lead will direct a specialized team in proactively searching for malicious activity across CBP networks that evades traditional security solutions. This role requires an offensive mindset, deep knowledge of attacker TTPs, and expert-level skills with SIEM and endpoint management tools. The Threat Hunt Lead will be responsible for developing hunt hypotheses, executing hunt missions, and coordinating with the SOC to create new detections based on your findings.

Key Responsibilities:

• Lead the CTH team to proactively and iteratively conduct threat hunting efforts against CBP networks, systems, and high value assets to detect and isolate advanced threats.

• Utilize threat models and Cyber Threat Intelligence to formulate hypotheses about attacker activity on CBP networks and systems to investigate during formal hunt missions.

• Propose corrective actions and inform necessary parties of security issues, reportable offenses, or cybersecurity best practices.

• Work with the CBP SOC to create new security content, including signatures and detection alerts, resulting from hunt missions and Purple Team engagements.

• Lead the Cyber Threat Hunt team to report significant findings to leadership and coordinate with asset owners to deconflict findings.

Requirements

  • A minimum of five (5) years of experience as a Tier III senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal.
  • A minimum of five (5) years of hands-on experience, including recent experience with network-based security monitoring using cybersecurity capabilities.
  • A strong background in host and network-based forensics, intrusion detection, malware identification, and security content development.
  • Deep knowledge of and experience with security information and event management (SIEM) and networked-device management tools such as Splunk and Tanium.
  • Experience interpreting scripts (e.g., VB scripts, Python, C++) to support cyber threat detection.
  • Certified Ethical Hacker (CEH) or one of the following: DoD 8570 IAT Level II or IAM Level I or CSSP Analyst / Incident Responder.

Benefits

  • Health Care Plan (Medical, Dental & Vision)
  • Retirement Plan (401k, IRA)
  • Life Insurance (Basic, Voluntary & AD&D)
  • Paid Time Off (Vacation, Sick & Public Holidays)
  • Short Term & Long Term Disability
  • Training & Development
Gritter Francona

About Gritter Francona

Gritter Francona is a Service Disabled Veteran Owned Small Business (SDVOSB) providing specialized Business and IT Solutions to the government.

"The specialized skills Veterans possess are enhanced by the integrity and passion they inject into each professional interaction and work product. This invaluable blend of know-how and commitment is ingrained in Gritter Francona’s services, as we work to serve our clients in the same manner we served our country. That is The Veteran Edge."

- Cory Gritter, Founder & CEO

Industry
Unknown
Company Size
51-200 employees
Headquarters
Washington D.C. - Baltimore Area
Year Founded
2013
Website
gritterfrancona.com
Social Media