The Role
Perform proactive enterprise threat hunting across NIH-managed systems to identify IOCs/IOAs and APT activity. Conduct hypothesis-driven hunts using MITRE ATT&CK, perform behavioral analysis across endpoints, servers, cloud, and networks, analyze malware and advanced threats, support incident response, and develop new hunting methodologies.
Summary Generated by Built In
cFocus Software seeks a Cyber Hunter to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
Duties:
Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- 4+ years conducting threat hunting or advanced cybersecurity investigations.
- Experience supporting Security Operations Centers (SOC).
- Experience conducting incident response investigations.
- Experience utilizing Cyber Threat Intelligence.
- Experience analyzing malware and advanced threats.
- Experience with MITRE ATT&CK Framework.
- Knowledge of NIST SP 800-61 and NIST SP 800-86.
- Ability to obtain and maintain NIH suitability/background investigation.
- Active GCIA, GCIH, GREM, GCFA, CySA+, CISSP, CEH, Security+ or SC-200
Duties:
- Perform proactive enterprise threat hunting across NIH managed systems.
- Identify Indicators of Compromise (IOCs) and Indicators of Attack (IOAs).
- Conduct hypothesis-driven threat hunting utilizing MITRE ATT&CK methodologies.
- Detect Advanced Persistent Threat (APT) activity before operational impact occurs.
- Perform behavioral analysis across enterprise endpoints, servers, cloud environments, and networks.
- Develop new hunting methodologies based upon emerging threats.
Skills Required
- Public Trust Clearance or ability to obtain one
- B.S. in Computer Science, Information Technology, or related field
- 4+ years conducting threat hunting or advanced cybersecurity investigations
- Experience supporting Security Operations Centers (SOC)
- Experience conducting incident response investigations
- Experience utilizing Cyber Threat Intelligence
- Experience analyzing malware and advanced threats
- Experience with MITRE ATT&CK Framework
- Knowledge of NIST SP 800-61
- Knowledge of NIST SP 800-86
- Ability to obtain and maintain NIH suitability/background investigation
- Active GCIA, GCIH, GREM, GCFA, CySA+, CISSP, CEH, Security+ or SC-200
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365. Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!









