New 
Security - Threat Hunter (Sr)
 Quadrant, Inc. | |
 United States, D.C., Washington | |
 Jan 30, 2025 | |
|
Sr Threat Hunter Washington, DC MUST Experienced Sr Threat Hunter Must have one of the following certifications: GCIA, GCIH, GMON, GDAT, or Splunk Core Power User 5+ years of experience performing incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler 5+ years of experience performing hypothesis-based threat hunts utilizing Splunk Enterprise Security. 5+ years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon) Bachelor's degree preferred DUTIES Provide incident response services after an incident is declared and provides a service that proactively searches for security incidents that would not normally be detected through automated alerting. The Threat Hunt mission is to explore datasets across the judicial fabric to identify unique anomalies that may be indicative of threat actor activity based on the assumption that the adversary is already present in the judicial fabric. The extended mission is to conduct counterintelligence, build threat actor dossiers, disrupt adversary operations, identify misconfigurations/ vulnerabilities, and identify visibility/detection gaps, if any. Human analytical thinking is imperative to the primary and extended missions as it is up to the threat hunter to find signs of an intrusion that have bypassed the automatic detection process that may already be in place. Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. | |