Home >
Career Center > Job Seekers
> Job Search
|
| Company Name: |
General Dynamics IT |
| Location: |
Herndon, VA |
| Position Type: |
Full Time |
| Post Date: |
05/11/2026 |
| Expire Date: |
06/18/2026 |
| Job Categories: |
Engineering, Information Technology |
|
 |
|
|
Threat Hunt Lead -- Top Secret
The Threat Hunt Leadis responsible foroverseeing allcyberthreat hunt, adversary analysis, malware analysis, and digital forensics mission activities underan upcoming government contract.Hunts will include operations within sensitiveenvironmentssuch as Operation Technology (OT), Industrial Control Systems (ICS)and other CriticalInfrastructure(CI)networks. The successful leader directs multidisciplinary hunt and forensic teams providingfull spectrumdetection, analysis, and response capabilities that enablefederal stakeholderstoidentify, understand, and counter sophisticated cyber threats across federal,State Local Tribal and Territorial (SLTT),commercial, critical infrastructure, and cloud environments. The Threat Hunt Lead ensures continuous detection of adversary behavior, managessimultaneouslydeployedhunt operations, oversees advanced malware and forensics workflows, and delivershigh qualityanalytic products that inform national cyber defense actions.The rolemaintainsreadiness of personnel, tools, and flyaway kits to support rapid, remote, or onsite engagements. Key ResponsibilitiesAdversary, Malware, and Forensics Analysis OversightOverseesimultaneously deployed hunt operationsteams performing adversary tool analysis, including dynamic and static malware analysis and full reverse engineering of binaries, scripts, malicious documents, and artifacts todeterminefunctionality, behavior, andcommand and controlmechanisms.Overseesimultaneously deployedteams conducting digital forensic analysis of affected systems todeterminemalware impact, persistence mechanisms, and threat actor behavior.Deep understanding ofall levels of threat actor tools,techniquesand procedures (TTPs) that actor(s) may deploy including advanced (AI/ML) modeling techniques.Extensive knowledge of emerging,establishedand nation-state level threat actor behaviorsto include subversion and/or false flag operations techniques designed to circumvent establishedcyber inspections tools.In-depth ability to adapt to diversecyber environments in which managed teams may not have access to on-site cyber tools(event correlation mechanisms)and manage teams that may need to live off the landwithon-site-provided cyber tools.Strong knowledge of air-gapped environments and how direct simultaneouslydeployed huntteamswithin themto ensure consistent reporting.Ensuresimultaneously deployedteams develop custom scripts, tools, and analytic methods toidentify, characterize, and visualize adversary techniques across hunt, malware, and forensics workflowswithin both established and a-typicalcyber environments e.g., OT/ICSenvironments, commercialenvironmentsEnsure production ofhigh qualityindicators of compromise, detection artifacts, and adversary capability assessments that support national cyber defense operations. Thread Hunt Operations ManagementOverseefull spectrumhunt and incident response engagements,onsiteand/or remote,ensuringsimultaneously deployedteamsidentifythreats, assess impact, and recommend remedial actionsto local stakeholders.Direct continuous analysis ofestablished and a-typicalcyber defense sensor data, endpoint activity, network flows, cloud telemetry, and communications data to detect adversarial behavior and anomalous activity.Ensuresimultaneously deployedhunt teamsmaintaincontinuous awareness of emerging attack techniques, threat actors, tools, and methodologies to remain effective and up to date.Overseeboth classified and unclassifieddelivery offederalstakeholder brandedanalytic products, intelligence deliverables, threat assessments, and technical reports that contextualize adversary activity.Determinethemechanisms for thetimelyandaccuraterelease ofindicatorstobest ensure a proactive threat posture against cyber threat actors.Prepare, support the deliveryofand oversee the creation ofon-demand and formal reportingso as toensure thetimelyandaccuratereporting ofshifting threat actor TTPs regardless ofattribution.Understand, direct, oversee and ensure adherence toestablishedframeworks of reporting mechanisms such as MITRE ATT&CK (Enterprise, Mobile, ICS, etc.)Host Based, Network, Cloud, and OT/ICS Forensics LeadershipOverseesimultaneously deployedteams performing forensic examination across host systems and digital media (phones, hard drives, memory images, etc.)Directsimultaneously deployednetwork forensics operations toidentifythreatattacker behavior, develop network signatures, analyze network traffic and configurations, and produce authoritative forensic reports.Overseesimultaneously deployedcloud forensic teamsManagesimultaneously deployedOT/ICS forensic teams conducting analysis across industrial control systemsSupport, lead, direct and overseeappropriateremediationsuggestions and work withappropriate localstakeholdersincluding OT/ICS engineers. Malware Analysis and Operations OversightOverseesimultaneously deployedmalware operations teams responsible for evaluating complex malicious code, performing static/dynamic analysis, triaging samples, and generatinghigh qualitytechnical reports.Ensure development of custom detection signatures (YARA, SIGMA) and automated cleanup tools to enhance detection and remediation activities.Overseeteams simultaneously deployedworkflowsfor themanagementofmalware submissionsto pre-approved stakeholders onlyand where/when applicable,includetriage, prioritization, and status tracking.Ensure teams develop metrics to evaluate analysis throughput, accuracy, timeliness, and mission impact. Operational Processes, Procedures, and Performance MetricsOverseethestakeholder approveddevelopment, maintenance, and improvement ofStandard Operating Procedures (SOPs), playbooks, analytic processes, workflows,robotic process automations (RPAs)and procedures supporting hunt, malware, and forensic operations.Ensuresimultaneously deployedteams contribute to performance metrics measuring forensic effectiveness, response quality, hunt mission impact, and operational readiness.Overseethe threat hunt teamsparticipation inclassified and unclassifiedinteragency technical exchanges and communities of interest to strengthen national cyber defense integration. Deployable Hunt and Forensic Capability Management (Flyaway Kits)Oversee readiness of all deployable hunt and forensics resources;includingfullcapacityandreducedcapacityflyaway kits, storage media, imaging systems, and tools.Ensure kits are provisioned, tested, updated, sanitized, and securedin accordance withchainofcustodyand data handling requirements.Oversee rapid deployment capabilities supportingsimultaneously deployedremote or onsite incident response, exercises, and surge support events. Required QualificationsExperience leadingsimultaneously deployedhunt, malware analysis, digital forensics, or incident response teams within largescale, enterprise, commercial and OT/ICScyber defense programs.Deep knowledge ofnation state, emerging and establishedadversary TTP analysis, reverse engineering, forensic acquisition, and threat detection methodologies.Deep understanding and experiencewithhostbased, network, cloud, and OT/ICS forensics.Strong understanding of malware analysis, dynamic/static analysis tools, and detection signature developmentacross multiple operatingenvironmentsincluding OT/ICSAbility to oversee multidisciplinary teams and coordinate multiple concurrent engagements.Strong communication, reporting, and analytic leadership skills.10 years of overall cybersecurity experience with 5 years ofmanagement of cybersecurity teams Preferred QualificationsExperience supportingfederal stakeholderssuch as theDHS,DoW,the Intelligence Community (IC), the FBIand/or other national security cyber missions.Experience supporting commercial threat hunting operations.Experience supporting, leading and or directing threat hunt teams withinOT/ICS environments.Experience supporting, leading and or directing cyber protection teams.Significant hands-on experience with advanced threat huntingtechniques in air-gapped and or otherwise sensitive operating environments.Certifications such as GREM,Certified Threat Hunter (MTH),Offensive Security Certified Professional Plus (OCSP+),GIAC Penetration Tester (GPEN),GCTI, GNFA,GRID, CRTOor similar advanced technical credentials.Experience with ATT&CK frameworks across Enterprise, Cloud, and ICS.Experience managing deployable cyber hunt kits orrapid responseteams.GDIT IS YOUR PLACEAt GDIT, the mission is our purpose, and our people are at the center of everything we do. Growth: AI-powered career tool that identifies career steps and learning opportunities Support: An internal mobility team focused on helping you achieve your career goals Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off Community: Award-winning culture of innovation and a military-friendly workplace
|
|
| Company Name: |
General Dynamics IT |
| Website: | https://www.gdit.com/careers/job/abb1da191/threat-hunt-lead-top-secret/?source=AutoAppend_HBCU |
Apply Now |
Forward Job to a Friend |
More Jobs From This Employer
|
|
|
