Cyber Threat Hunter - Team Lead

Job Locations US-AZ-Fort Huachuca
Job Post Information* : Posted Date 3 months ago(8/25/2021 11:07 AM)
Information Technology
Location : Location
US-AZ-Fort Huachuca
Clearance Requirement
Top Secret/SCI
Job Requires Relocation


SOS International LLC (SOSi) is seeking a Cyber Threat Hunter - Team Lead located at Ft. Huachuca, AZ. The ideal candidate be someone who possesses experience in Cybersecurity.


Instead of waiting for the security industry to recognize the latest attacker techniques, The Cyber Threat hunter proactively hunts through customer networks to identify threats that have evaded existing security solutions. The Cyber Threat Hunter will create or modify the threat hunting strategy on a monthly basis, design and develop hunting techniques that utilize advanced analytics and reporting capabilities, fresh intelligence, global EDR indicator searchers, and anomaly investigations.


Duties of the Tier-3 Cyber Threat Hunter include:

  • High level security system analysis including proactive policy evaluation and tuning.
  • Leading the research and resolution of complex and/or escalations issues, including technical troubleshooting calls with customers and other enterprise teams.
  • Management of complex changes and vendor interaction.
  • Creation of security documentation, including policies and procedures, training documents, playbooks and operations manuals.
  • Liaise with internal and external senior management and other enterprise teams on service improvement initiatives.
  • May also provide Team Lead functions, including supervision of staff, escalation management, and performance appraisal contributions and reporting to government leads.


  • Active US DoD TOP SECRET security clearance and SCI eligible
  • At least 8 years Cybersecurity related experience, 5+ years SOC experience, 3+ years Cyber Threat experience
  • IAT-II certification, CSSP-Incident Response, Analyst, Auditor or Infrastructure Support at time of hire
  • Expert technical skills in appropriate SIEM software
  • Expert technical skills with scripting, parsing and query development
  • Experience building & managing use cases & content, driven from customer requirements
  • Bachelors or higher degree in Computer Science, Information Security or similar discipline or 8+ years’ experience in the field
  • Strong documentation and communication skills
  • Exceptional problem-solving skills
  • Ability to drive process improvements and identify gaps
  • Proactive in engaging with customers, client executives, and management teams
  • In-depth understanding of threat landscape and indicators of compromise
  • Threat Hunting techniques & Forensic research experience
  • A minimum of 3-5 years SOC experience as a senior engineer plus additional experience in a SOC T2 Senior Security Analyst role
  • Experience investigating security incidents with SIEMs (e.g., Splunk, Gabriel Nimbus, ArcSight, Securonix,etc), use case development/tuning, and threat hunting strategies.
  • Knowledge of JRSS and tools in the environment to include TippingPoint, Cisco StealthWatch, NIKSUN, Fidelis DLD, InQuest, Corelight Zeek, Firepower Management Center and OPSWAT.

Preferred Qualifications

  • Bachelor’s Degree in Cybersecurity, Computer Science or related field
  • Certifications: Security+, CISSP or CASP, CEH or CYSA, IBM Qradar, RSA Netwitness, Splunk ES Administrator, Cortex XSOAR, AWS Security specialty, RHEL, CISM, SANS GPEN or GCFA
  • Advanced scripting ability i.e. Python, PowerShell, Bash Shell, etc.
  • Familiarization with ARMY Networks/VRF’s
  • Working knowledge and use of Rally and ITSM ticketing systems.
  • SIEM solution design/architect experience
  • Experience writing advanced search queries or correlations within a SIEM
  • ISO 27K Audit & Compliance experience
  • IT Security best practices as outlined in NIST documentation
  • Infrastructure Management expertise on different platform
  • Advanced Threat Hunting capabilities
  • Fluency in a foreign language is desirable, but not required

Working Conditions

  • Working conditions are normal for an office environment.
  • Fast paced, deadline-oriented environment.
  • May require periods of non-traditional working hours including consecutive nights or weekends (if applicable)


SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed