HHS - Threat Hunter

Location: Worldwide
Type: Remote
cFocus Software seeks a Threat Hunter to join our program supporting the Department of Health and Human Services (HHS). This position is remote. This position requires the ability to obtain a Public Trust clearance.

Qualifications:
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
  • Minimum 5–8 years of experience in threat hunting, incident response, or SOC operations.
  • Hands-on experience with enterprise SIEM, EDR, and network security tools.
  • Strong understanding of MITRE ATT&CK, kill chain analysis, and adversary behaviors.
  • Experience analyzing large-scale security telemetry and logs.
  • Knowledge of NIST SP 800-61, NIST SP 800-53, and federal incident response requirements.
  • Strong analytical, scripting, and technical writing skills.
  • Active GCED, GCTI, GCIA, or CISSP (preferred).

Duties:
  • Conduct proactive, hypothesis-driven threat hunting to identify advanced persistent threats, insider threats, and stealthy adversary activity.
  • Analyze system, endpoint, network, cloud, and application telemetry to identify anomalous behaviors.
  • Develop and refine threat hunting hypotheses based on threat intelligence, MITRE ATT&CK techniques, and observed trends.
  • Perform in-depth log analysis using SIEM and security analytics platforms.
  • Identify, analyze, and validate Indicators of Compromise (IOCs) and adversary TTPs.
  • Collaborate with SOC Analysts and Incident Responders to escalate confirmed threats.
  • Develop and tune detection rules, correlation searches, and behavioral analytics.
  • Produce weekly threat hunting reports documenting methodologies, findings, and recommendations.
  • Support malware analysis and reverse engineering activities when required.
  • Integrate threat intelligence feeds from HHS CSIRC, CISA, and other trusted sources.
  • Assist in containment, eradication, and remediation activities during confirmed incidents.
  • Support incident response playbooks, SOP updates, and continuous improvement initiatives.
  • Participate in cyber exercises, tabletop exercises, and red/purple team engagements.
  • Maintain documentation for threat hunting workflows, tools, and techniques.


ThatStartupJob
Copyright © 2025