The Role
The Detection Engineer / Threat Hunter will design detection mechanisms, conduct threat hunting, analyze security incidents, and improve detection strategies while providing support for SOC operations.
Summary Generated by Built In
cFocus Software seeks a Detection Engineer / Threat Hunter to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.
Qualifications:
Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
- 7+ years of experience in threat detection, threat hunting, or SOC operations.
- Experience with SIEM platforms (e.g., Splunk), EDR tools (e.g., CrowdStrike), and cloud security tools (AWS Security).
- Strong knowledge of MITRE ATT&CK framework and threat actor tactics, techniques, and procedures (TTPs).
- Design, develop, and maintain threat detection use cases, analytics, and correlation rules within SIEM/SOAR platforms (e.g., Splunk).
- Perform proactive threat hunting across network, endpoint, and cloud environments to identify advanced persistent threats and anomalous behavior.
- Analyze logs, alerts, and telemetry from multiple sources (EDR, IDS/IPS, cloud, applications) to detect malicious activity.
- Leverage threat intelligence (CISA, MITRE ATT&CK, vendor feeds) to enhance detection logic and hunting strategies.
- Continuously improve detection coverage and reduce false positives through tuning and automation.
- Develop and execute threat hunting hypotheses based on emerging threats and intelligence.
- Collaborate with incident response teams to investigate and contain security incidents.
- Build and maintain detection playbooks and automation workflows.
- Support development of advanced analytics and behavioral detection models.
- Conduct root cause analysis of incidents and recommend security improvements.
- Participate in continuous monitoring and SOC operations supporting 24/7/365 mission.
- Perform gap analysis of detection capabilities and recommend improvements.
- Support log aggregation, enrichment, and normalization for improved detection fidelity.
- Create dashboards and reporting to communicate threat posture and detection effectiveness.
- Contribute to security architecture improvements and tool optimization.
Top Skills
Aws Security
Computer Science
Crowdstrike
Cybersecurity
Edr
Information Technology
Mitre Att&Ck
SIEM
Splunk
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365. Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!
.png)
