"Alerted.org

Cyber Threat Hunt Analyst

Location- Washington, DC

Clearance- Secret

Salary- 110k-135k/yr

_The above salary range represents the range expected for the position; however, final salary offers are based on a number of factors such as the position’s responsibilities; the candidate’s experience, education, and skills; location; travel required; and current market conditions._

_This program requires US Citizenship_

To support a full range of cyber security services on a long-term contract in Washington DC, we are seeking a _Cyber Threat Hunt & Forensics Analyst to_ :

+ Ingest and analyze multi-source threat intelligence, including adversary research and **MITRE ATT&CK–mapped Tactics, Techniques, and Procedures (TTPs)** , to understand relevant and emerging threats.

+ Develop and refine **threat hypotheses** based on intelligence, environmental context, and observed behavioral patterns.

+ Conduct **proactive cyber threat hunting** across enterprise networks, endpoints, cloud environments, and log datasets to identify malicious, suspicious, or anomalous activity that evades existing security controls.

+ Apply deep technical knowledge of **network protocols, services, and operating system internals** to analyze telemetry, validate hypotheses, and differentiate benign from malicious behavior.

+ Analyze **adversary tradecraft** across email, application, cloud, and operating system environments to improve behavioral understanding and detection strategy.

+ Identify **detection gaps** and recommend improvements to hunting techniques, analytics, and security monitoring based on hunt outcomes.

+ Perform **forensics and malware analysis** , as needed, to validate threat hunting findings and extract supporting Indicators of Compromise (IOCs), including support for forensic evidence preservation when required.

Required Skills

+ Strong written and verbal communication skills to clearly document findings and communicate technical conclusions.

+ Ability to apply **threat intelligence** , including MITRE ATT&CK, to understand adversary behavior and inform hypothesis-driven hunting.

+ Proficiency in **proactive cyber threat hunting** across enterprise networks, endpoints, cloud environments, and log datasets.

+ Ability to **develop and refine detections and analytics** based on observed adversary behavior and hunt outcomes.

+ Strong understanding of attacker tradecraft across email, application, and cloud-based threat vectors.

+ Advanced knowledge of networking fundamentals (TCP/IP, DNS, SMTP, DHCP) to analyze telemetry and network activity.

+ Advanced knowledge of operating system internals and security mitigations across major platforms (Windows, Linux, macOS, mobile).

Desired Skills

+ Experience performing digital forensics on network, host, or memory artifacts to validate threat hunting findings.

+ Experience analyzing malware or anomalous code to determine malicious intent and functionality.

+ Experience using forensic tools such as EnCase, Sleuthkit, or FTK.

+ Experience preserving and handling digital evidence, including maintenance of chain of custody.

+ Scripting or automation experience (e.g., Python, PowerShell, Bash) to support hunting workflows.

+ Experience using SIEM platforms and query languages (e.g., Splunk, Sentinel).

+ Experience producing threat intelligence products, including written reports or briefings.

Desired Certifications / Experience

+ Bachelor’s degree or higher.

+ 10+ years of experience performing cyber threat hunting and supporting forensic analysis in support of enterprise or government incident response.

Position Responsibilities

+ Analyze threat intelligence and adversary frameworks (including MITRE ATT&CK and the Azure Threat Research Matrix) to identify relevant tactics, techniques, gaps, and detection shortfalls.

+ Plan and execute intelligence-driven and hypothesis-based cyber threat hunts across enterprise environments.

+ Research and correlate large datasets and telemetry to uncover novel attack techniques, track adversary tradecraft, and investigate security alerts.

+ Design, develop, and enhance cloud-native threat detections and analytics, including support for automated detection capabilities.

+ Apply structured methodologies (e.g., Agile) to organize threat hunting activities, intelligence analysis, and reporting of outcomes.

+ Analyze logs and supporting artifacts to validate threat hunting findings and determine adversary activity and scope.

+ Perform digital forensics and evidence handling, as required, including creation of forensically sound copies and preservation of chain of custody, and produce clear technical reporting.

_ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans_