Tyto Athene, LLC
Be among the first 25 applicants. Get AI‑powered advice on this job and more exclusive features.
Tyto Athene is searching for a
Cyber Threat Hunt Team Lead
to support a law enforcement customer in Ashburn, VA. You will play a critical role in leading in‑depth analyses and responding to incidents from cyber threats facing our clients. You will work closely with other threat hunters, threat analysts, and an established SOC, and we will rely on you to hunt down the most advanced global threats. In addition to being our initial point of contact for end users, you will serve as the escalation point for other analysts, helping guide them through more complex and high‑priority incidents.
Responsibilities
Lead cross‑functional teams to perform in‑depth analysis and investigation of high‑priority cybersecurity incidents
Utilize security tools to analyze, investigate, and triage security alerts
Lead and execute advanced cyber threat hunting operations to detect and mitigate sophisticated threats across enterprise networks and systems
Perform detailed threat analysis, technical analysis, and network asset traversal to identify anomalies and malicious activity
Collaborate with the SOC and Threat Analysts to contain and investigate major incidents
Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
Conduct host‑ and network‑based forensic investigations to detect advanced persistent threats (APTs), intrusions, malware, and suspicious activity
Develop and refine threat detection content, including custom signatures, rules, and advanced analytics
Interpret scripts and code artifacts in languages such as VBScript, Python, C++, HTML, XML, and others necessary for threat identification and response
Collaborate closely with the Cyber Threat Intelligence (CTI) team to integrate intelligence findings into hunt strategies and prioritize tactics, techniques, and procedures (TTPs)
Maintain expert‑level understanding of industry threat actors, tactics, cyber threat trends, and evolving attack techniques
Communicate significant findings to leadership and work with IT asset owners to deconflict events and ensure appropriate response actions
Recommend and drive corrective actions, best practices, and cybersecurity improvements across the organization’s IT environment
Lead the Cyber Threat Hunt team in day‑to‑day operations, mentoring junior analysts and shaping hunt methodologies
Requirements
5+ years of experience as a Tier III Cyber Threat Hunt Analyst conducting advanced threat hunting and forensic analysis
5+ years of hands‑on experience in cybersecurity operations, including at least 2 years of recent experience in network‑based security monitoring
Strong background in cybersecurity domains including host and network forensics, intrusion detection and analysis, malware identification and reverse engineering fundamentals, security content and signature development, and the ability to interpret and analyze automated scripts and programming code to support detection efforts
Experience using and managing SIEM and endpoint/network defense platforms such as Splunk and Tanium
Proven expertise in analyzing and understanding the global cyber threat landscape and adversary behaviors
Strong communication skills with experience reporting findings to senior leadership and stakeholders
CISSP – Certified Information Systems Security Professional
Certified Ethical Hacker (CEH) or one of the following: DoD 8570 IAT Level II, IAM Level I, or CSSP Analyst / Incident Responder
GCFA – GIAC Certified Forensic Analyst
GCFE – GIAC Certified Forensic Examiner
GNFA – GIAC Network Forensic Analyst
Location
Ashburn, VA
Clearance
TS/SCI Clearance required
#J-18808-Ljbffr
Tyto Athene is searching for a
Cyber Threat Hunt Team Lead
to support a law enforcement customer in Ashburn, VA. You will play a critical role in leading in‑depth analyses and responding to incidents from cyber threats facing our clients. You will work closely with other threat hunters, threat analysts, and an established SOC, and we will rely on you to hunt down the most advanced global threats. In addition to being our initial point of contact for end users, you will serve as the escalation point for other analysts, helping guide them through more complex and high‑priority incidents.
Responsibilities
Lead cross‑functional teams to perform in‑depth analysis and investigation of high‑priority cybersecurity incidents
Utilize security tools to analyze, investigate, and triage security alerts
Lead and execute advanced cyber threat hunting operations to detect and mitigate sophisticated threats across enterprise networks and systems
Perform detailed threat analysis, technical analysis, and network asset traversal to identify anomalies and malicious activity
Collaborate with the SOC and Threat Analysts to contain and investigate major incidents
Provide simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
Conduct host‑ and network‑based forensic investigations to detect advanced persistent threats (APTs), intrusions, malware, and suspicious activity
Develop and refine threat detection content, including custom signatures, rules, and advanced analytics
Interpret scripts and code artifacts in languages such as VBScript, Python, C++, HTML, XML, and others necessary for threat identification and response
Collaborate closely with the Cyber Threat Intelligence (CTI) team to integrate intelligence findings into hunt strategies and prioritize tactics, techniques, and procedures (TTPs)
Maintain expert‑level understanding of industry threat actors, tactics, cyber threat trends, and evolving attack techniques
Communicate significant findings to leadership and work with IT asset owners to deconflict events and ensure appropriate response actions
Recommend and drive corrective actions, best practices, and cybersecurity improvements across the organization’s IT environment
Lead the Cyber Threat Hunt team in day‑to‑day operations, mentoring junior analysts and shaping hunt methodologies
Requirements
5+ years of experience as a Tier III Cyber Threat Hunt Analyst conducting advanced threat hunting and forensic analysis
5+ years of hands‑on experience in cybersecurity operations, including at least 2 years of recent experience in network‑based security monitoring
Strong background in cybersecurity domains including host and network forensics, intrusion detection and analysis, malware identification and reverse engineering fundamentals, security content and signature development, and the ability to interpret and analyze automated scripts and programming code to support detection efforts
Experience using and managing SIEM and endpoint/network defense platforms such as Splunk and Tanium
Proven expertise in analyzing and understanding the global cyber threat landscape and adversary behaviors
Strong communication skills with experience reporting findings to senior leadership and stakeholders
CISSP – Certified Information Systems Security Professional
Certified Ethical Hacker (CEH) or one of the following: DoD 8570 IAT Level II, IAM Level I, or CSSP Analyst / Incident Responder
GCFA – GIAC Certified Forensic Analyst
GCFE – GIAC Certified Forensic Examiner
GNFA – GIAC Network Forensic Analyst
Location
Ashburn, VA
Clearance
TS/SCI Clearance required
#J-18808-Ljbffr