Can I apply directly for this job on this page?

You can apply directly on this page using our quick application form. Your application is sent immediately to the hiring team, and no account is required.

What is the role of a AOUSC - Threat Hunt Lead at cFocus Software Incorporated?

The AOUSC - Threat Hunt Lead position at cFocus Software Incorporated is a Full-Time opportunity in the Admin/Clerical/Secretarial field.

Where is this AOUSC - Threat Hunt Lead job located?

Washington, District of Columbia, 20001, United States

What is the expected salary for this AOUSC - Threat Hunt Lead job?

Compensation will be discussed during the hiring process.

AOUSC - Threat Hunt Lead job near me in Washington, District of Columbia at cFocus Software Incorporated | Jobs and Employment

cFocus Software seeks a Threat Hunt Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). This position is Hybrid with the onsite location being in Washington, DC. This position requires a Public Trust clearance.
Qualifications:

Active Public Trust clearance
B.S. Computer Science, Information Technology, or a related field
5+ years within IR in a large SOC (over 5,000 endpoints) with at least 3 years focused on proactive threat hunting or adversary emulation.
3+ years of experience with demonstrated proficiency in forming hypothesis, querying large datasets and identifying APT behavior.
2+ years’ experience with demonstrated proficiency in scripting languages including Python and PowerShell to develop new tools.
This role most closely aligns with the NICE work role PD-WRL-006 (Threat Analysis).
Active OSCP or GXPN certification

Duties:

Lead proactive threat hunting operations to identify Advanced Persistent Threats (APT), insider threats, malicious activity, and anomalous behaviors that evade traditional security controls.
Develop and execute hypothesis-driven threat hunts leveraging threat intelligence, adversary tactics, techniques, and procedures (TTPs), behavioral analytics, and anomalous telemetry.
Coordinate threat hunt activities within Agile two-week sprint cycles and ensure successful execution of all assigned hunt objectives and deliverables.
Develop Threat Hunt Execution Plans that define hunt hypotheses, objectives, technical methodologies, required telemetry, and investigative procedures.
Analyze endpoint, network, cloud, identity, SIEM, EDR, and log telemetry to identify indicators of compromise (IOCs), suspicious activity, and attack patterns.
Coordinate and escalate confirmed or suspected findings to the Cybersecurity Triage and Incident Response teams in accordance with the Judiciary SOC Incident Response Plan (JSOCIRP).
Collaborate with Detection Engineering teams to identify and remediate logging, telemetry, detection, or visibility gaps discovered during threat hunting operations.
Work closely with Cyber Threat Intelligence teams to operationalize intelligence, enrich investigations, and identify emerging threats impacting the Judiciary.
Conduct advanced analysis of threat actor behaviors, malware campaigns, phishing activity, suspicious infrastructure, and attack trends.
Develop detailed Threat Hunt Reports documenting hunt objectives, findings, TTPs, queries used, telemetry gaps, identified risks, and recommendations for improved detections.
Produce executive-level Hunt Sprint Reports summarizing hunt activities, operational impacts, recommendations, and emerging cybersecurity risks.
Provide real-time investigative support during cybersecurity incidents and high-priority threat investigations.
Perform analysis utilizing Splunk Enterprise Security, Microsoft Sentinel, Splunk SOAR, CrowdStrike, Qualys, ServiceNow, Jira, and other AO-approved security platforms.
Support the development and refinement of threat models tailored to Judiciary systems, high-value assets, and mission-critical environments.
Develop and maintain threat hunting SOPs, playbooks, technical procedures, and investigative methodologies aligned with AO and federal cybersecurity standards.
Support enterprise security awareness initiatives through threat briefings, technical reporting, and operational presentations.
Participate in weekly technical meetings, operational reviews, and status briefings with AO leadership and federal stakeholders.
Provide mentorship, technical guidance, and quality oversight to threat hunters and supporting analysts.
Support transition-in and transition-out activities, operational readiness, documentation development, and knowledge transfer activities.
Drive continuous improvement initiatives focused on detection coverage, telemetry enrichment, operational efficiency, and threat hunting maturity.

AOUSC - Threat Hunt Lead in Washington, District of Columbia at cFocus Software Incorporated

Explore Related Opportunities

Job Description

Scan to Apply

Job Location

Frequently asked questions about this position

Similar Jobs In Washington, District of Columbia

Senior Cyber Security Analyst (TS Clearance with SCI Eligibility)

Senior Red Team Cyber Operator

Remediation and Mitigation Lead, Top Secret

Information System Security Officer - TS/SCI w/Polygraph

Data Access Cell Specialist

Apply NowYour application goes straight to the hiring team

More Jobs Like This

SAP S/4 HANA Business Systems Analyst

Information Systems Security Officer

Vulnerability Management Lead, Top Secret

Clinical Informaticist (RN) - Sinai Hospital - Patient Care Services

Revenue Cycle Informaticist - Electronic Health Records