AXXUM TECHNOLOGIES LLC
Senior Threat Hunter - On-site one day a week Washington, DC
AXXUM TECHNOLOGIES LLC, Washington, District of Columbia, us, 20022
All potential candidates should read through the following details of this job with care before making an application.

Role Overview
As a Senior Threat Hunter, you will participate in threat actor investigations, develop detection methodologies, and support incident response and monitoring functions.

Responsibilities
Monitor, analyze, develop content for, and maintain SIEM systems.
Research, analyze, and respond to alerts, including log retrieval and documentation.
Analyze network traffic and host activities across various technologies and platforms.
Assist in incident response activities such as host triage, malware analysis, remote system analysis, and remediation.
Prepare detailed investigation reports for SOC and management.
Track threat actors and their TTPs, and develop countermeasures.
Analyze network traffic, IDS/IPS/DLP events, packet captures, and firewall logs.
Evaluate malicious campaigns and the effectiveness of security technologies.
Coordinate threat hunting activities using intelligence and security technologies.
Design and build investigation tools and assist in deploying new security technologies.
Lead response efforts for advanced attacks and identify threat actor techniques.
Identify infrastructure gaps by mimicking attacker behaviors.
Support large-scale security incident investigations and perform root cause analyses.
Improve detection processes and review alerts for false positives.
Create dashboards and reports for threat identification and anomaly detection.
Conduct forensic analysis of network and host logs, malware, and security sensors.
Maintain a passion for researching internet threats and threat actors.
Ensure excellent customer service from the SOC team.

Required Experience
7+ years in cybersecurity, incident response, or network security, preferably in a SOC environment.
BA/BS degree, or 6 years of relevant experience in lieu of a degree.
5+ years in incident response, log analysis with Splunk or similar, and malware triage.
Experience creating automated log correlations in Splunk or similar tools.
Proficiency with Splunk search language, dashboards, and reports.
Strong analytical, investigative, and threat hunting skills.
Knowledge of security architecture, threat intelligence, malware causes, lateral movement, and exfiltration techniques.
Experience with NetFlow or PCAP analysis.
Creative problem-solving skills and the ability to develop new processes.
Knowledge of network protocols, security devices, and malware behaviors.
Ability to convert intelligence into actionable controls.
Understanding of security alert logic and log analysis.
Familiarity with common malware and threat actor behaviors.
Strong time management, multitasking, collaboration, and attention-to-detail skills.

Desired Experience
Scripting skills (Python, JavaScript, Perl).
Memory and malware analysis.
Experience with exploitation methodologies.
Experience as a government contractor.
Certifications such as GCIA, GCIH, GMON, GDAT, or Splunk Power User, with 7+ years of related experience.

Additional Information

Salary and Benefits:
Competitive package including health insurance, paid leave, disability, and life insurance. Details available upon application.

Our Commitment:
Dedicated to diversity, equity, and inclusion, fostering a respectful and supportive work environment.

How to Apply
Apply online via our Careers page. We do not accept paper applications. Visit our website for current postings and application instructions.