Cyber Threat Hunt Analyst
- ABBTECH Professional Resources, Inc. (Washington, DC)
Location: Washington, DC
Clearance: Secret
Salary: $110k-$135k/yr
_The above salary range represents the range expected for the position; however, final salary offers are based on a number of factors such as the position’s responsibilities; the candidate’s experience, education, and skills; location; travel required; and current market conditions._
_This program requires US Citizenship_
To support a full range of cyber security services on a long-term contract in Washington DC, we are seeking a _Cyber Threat Hunt & Forensics Analyst_ to:
+ Ingest and analyze multi-source threat intelligence, including adversary research and **MITRE ATT&CK-mapped Tactics, Techniques, and Procedures (TTPs)**, to understand relevant and emerging threats.
+ Develop and refine **threat hypotheses** based on intelligence, environmental context, and observed behavioral patterns.
+ Conduct **proactive cyber threat hunting** across enterprise networks, endpoints, cloud environments, and log datasets to identify malicious, suspicious, or anomalous activity that evades existing security controls.
+ Apply deep technical knowledge of **network protocols, services, and operating system internals** to analyze telemetry, validate hypotheses, and differentiate benign from malicious behavior.
+ Analyze **adversary tradecraft** across email, application, cloud, and operating system environments to improve behavioral understanding and detection strategy.
+ Identify **detection gaps** and recommend improvements to hunting techniques, analytics, and security monitoring based on hunt outcomes.
+ Perform **forensics and malware analysis**, as needed, to validate threat hunting findings and extract supporting Indicators of Compromise (IOCs), including support for forensic evidence preservation when required.
Required Skills
+ Strong written and verbal communication skills to clearly document findings and communicate technical conclusions.
+ Ability to apply **threat intelligence**, including MITRE ATT&CK, to understand adversary behavior and inform hypothesis-driven hunting.
+ Proficiency in **proactive cyber threat hunting** across enterprise networks, endpoints, cloud environments, and log datasets.
+ Ability to **develop and refine detections and analytics** based on observed adversary behavior and hunt outcomes.
+ Strong understanding of attacker tradecraft across email, application, and cloud-based threat vectors.
+ Advanced knowledge of networking fundamentals (TCP/IP, DNS, SMTP, DHCP) to analyze telemetry and network activity.
+ Advanced knowledge of operating system internals and security mitigations across major platforms (Windows, Linux, macOS, mobile).
Desired Skills
+ Experience performing digital forensics on network, host, or memory artifacts to validate threat hunting findings.
+ Experience analyzing malware or anomalous code to determine malicious intent and functionality.
+ Experience using forensic tools such as EnCase, Sleuthkit, or FTK.
+ Experience preserving and handling digital evidence, including maintenance of chain of custody.
+ Scripting or automation experience (e.g., Python, PowerShell, Bash) to support hunting workflows.
+ Experience using SIEM platforms and query languages (e.g., Splunk, Sentinel).
+ Experience producing threat intelligence products, including written reports or briefings.
Desired Certifications / Experience
+ Bachelor’s degree or higher.
+ 10+ years of experience performing cyber threat hunting and supporting forensic analysis in support of enterprise or government incident response.
Position Responsibilities
+ Analyze threat intelligence and adversary frameworks (including MITRE ATT&CK and the Azure Threat Research Matrix) to identify relevant tactics, techniques, gaps, and detection shortfalls.
+ Plan and execute intelligence-driven and hypothesis-based cyber threat hunts across enterprise environments.
+ Research and correlate large datasets and telemetry to uncover novel attack techniques, track adversary tradecraft, and investigate security alerts.
+ Design, develop, and enhance cloud-native threat detections and analytics, including support for automated detection capabilities.
+ Apply structured methodologies (e.g., Agile) to organize threat hunting activities, intelligence analysis, and reporting of outcomes.
+ Analyze logs and supporting artifacts to validate threat hunting findings and determine adversary activity and scope.
+ Perform digital forensics and evidence handling, as required, including creation of forensically sound copies and preservation of chain of custody, and produce clear technical reporting.
_ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans_