HUD Detection Engineer Threat Hunter

Washington, AR - USA

Monthly Salary: Not Disclosed

Posted on: 9 days ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Detection Engineer / Threat Hunter to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
7 years of experience in threat detection threat hunting or SOC operations.
Experience with SIEM platforms (e.g. Splunk) EDR tools (e.g. CrowdStrike) and cloud security tools (AWS Security).
Strong knowledge of MITRE ATT&CK framework and threat actor tactics techniques and procedures (TTPs).

Duties:

Design develop and maintain threat detection use cases analytics and correlation rules within SIEM/SOAR platforms (e.g. Splunk).
Perform proactive threat hunting across network endpoint and cloud environments to identify advanced persistent threats and anomalous behavior.
Analyze logs alerts and telemetry from multiple sources (EDR IDS/IPS cloud applications) to detect malicious activity.
Leverage threat intelligence (CISA MITRE ATT&CK vendor feeds) to enhance detection logic and hunting strategies.
Continuously improve detection coverage and reduce false positives through tuning and automation.
Develop and execute threat hunting hypotheses based on emerging threats and intelligence.
Collaborate with incident response teams to investigate and contain security incidents.
Build and maintain detection playbooks and automation workflows.
Support development of advanced analytics and behavioral detection models.
Conduct root cause analysis of incidents and recommend security improvements.
Participate in continuous monitoring and SOC operations supporting 24/7/365 mission.
Perform gap analysis of detection capabilities and recommend improvements.
Support log aggregation enrichment and normalization for improved detection fidelity.
Create dashboards and reporting to communicate threat posture and detection effectiveness.
Contribute to security architecture improvements and tool optimization.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
7 years of experience in threat detection threat hunting or SOC operations.
Experience with SIEM platforms (e.g. Splunk) EDR tools (e.g. CrowdStrike) and cloud security tools (AWS Security).
Strong knowledge of MITRE ATT&CK framework and threat actor tactics techniques and procedures (TTPs).

Duties:

Design develop and maintain threat detection use cases analytics and correlation rules within SIEM/SOAR platforms (e.g. Splunk).
Perform proactive threat hunting across network endpoint and cloud environments to identify advanced persistent threats and anomalous behavior.
Analyze logs alerts and telemetry from multiple sources (EDR IDS/IPS cloud applications) to detect malicious activity.
Leverage threat intelligence (CISA MITRE ATT&CK vendor feeds) to enhance detection logic and hunting strategies.
Continuously improve detection coverage and reduce false positives through tuning and automation.
Develop and execute threat hunting hypotheses based on emerging threats and intelligence.
Collaborate with incident response teams to investigate and contain security incidents.
Build and maintain detection playbooks and automation workflows.
Support development of advanced analytics and behavioral detection models.
Conduct root cause analysis of incidents and recommend security improvements.
Participate in continuous monitoring and SOC operations supporting 24/7/365 mission.
Perform gap analysis of detection capabilities and recommend improvements.
Support log aggregation enrichment and normalization for improved detection fidelity.
Create dashboards and reporting to communicate threat posture and detection effectiveness.
Contribute to security architecture improvements and tool optimization.