Apply on Employer Site

Tyto Athene, LLC · 2 days ago

Cyber Threat Hunt Team Lead

Ashburn, VA

Full-time

Onsite

Senior Level

5+ years exp

Tyto Athene is searching for a Cyber Threat Hunt Team Lead to support a law enforcement customer in Ashburn, VA. The role involves leading in-depth analyses and responding to incidents from cyber threats, collaborating with threat analysts and a SOC, and mentoring junior analysts.

Information Technology

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Hiring Manager

Suzanne Murphy

Responsibilities

Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidents

Utilize security tools to analyze, investigate, and triage security alerts

Lead and execute advanced cyber threat hunting operations to detect and mitigate sophisticated threats across enterprise networks and systems

Perform detailed threat analysis, technical analysis, and network asset traversal to identify anomalies and malicious activity

Collaborate with the SOC and Threat Analysts to contain and investigate major incidents

Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts

Conduct host- and network-based forensic investigations to detect advanced persistent threats (APTs), intrusions, malware, and suspicious activity

Develop and refine threat detection content, including custom signatures, rules, and advanced analytics

Interpret scripts and code artifacts in languages such as VBScript, Python, C++, HTML, XML, and others necessary for threat identification and response

Collaborate closely with the Cyber Threat Intelligence (CTI) team to integrate intelligence findings into hunt strategies and prioritize tactics, techniques, and procedures (TTPs)

Maintain expert-level understanding of industry threat actors, tactics, cyber threat trends, and evolving attack techniques

Communicate significant findings to leadership and work with IT asset owners to deconflict events and ensure appropriate response actions

Recommend and drive corrective actions, best practices, and cybersecurity improvements across the organization’s IT environment

Lead the Cyber Threat Hunt team in day-to-day operations, mentoring junior analysts and shaping hunt methodologies

Qualification

Cyber Threat HuntingForensic AnalysisSIEM ManagementMalware IdentificationNetwork ForensicsIntrusion DetectionSecurity Content DevelopmentThreat Intelligence CollaborationMentoring Junior AnalystsReporting FindingsUnderstanding Cyber Threat LandscapeCorrective Actions RecommendationsCommunication Skills

Required

5+ years of experience as a Tier III Cyber Threat Hunt Analyst conducting advanced threat hunting and forensic analysis

5+ years of hands-on experience in cybersecurity operations, including at least 2 years of recent experience in network-based security monitoring

Strong background in cybersecurity domains including: Host and network forensics, Intrusion detection and analysis, Malware identification and reverse engineering fundamentals, Security content and signature development

Demonstrated ability to interpret and analyze automated scripts and programming code to support detection efforts

Experience using and managing SIEM and endpoint/network defense platforms such as Splunk and Tanium

Proven expertise in analyzing and understanding the global cyber threat landscape and adversary behaviors

Strong communication skills with experience reporting findings to senior leadership and stakeholders

TS/SCI Clearance required