Cyber Threat Hunt Lead

Company: SOSi
Location: Ashburn
Posted on: February 19, 2026

Job Description:

Job Description Job Description Company Description Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description This position is contingent upon contract award SOSi is seeking highly qualified senior professionals to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. These roles deliver leadership, operational oversight, and technical expertise across cyber defense, incident response, intelligence, engineering, and modernization activities. Job Description Leads hypothesis-driven threat hunting across enterprise environments, leveraging CTI to define TTP-focused hunts and collaborating with detection engineering, IR, and asset owners to validate and remediate findings. Responsibilities Plan and execute TTP-based hunts; pivot across host/network telemetry to discover unknown threats. Develop/interpret detections and analytics, coordinate remediation with asset owners and IR. Report significant findings to leadership; maintain hunt backlog and success metrics. Qualifications Experience : 5 years as a Tier III threat hunt analyst and 5 years hands-on, including the last 2 years of network-based monitoring. Technical Skills : Host/network forensics, intrusion detection, malware identification, and detection content development (signatures/rules). Tools : Deep experience with SIEM (e.g., Splunk) and endpoint/network management tools (e.g., Tanium). Scripting : Interpret scripts in VB, Python, C++, HTML/XML to support detection and triage. Certifications (DoD 8570 – one of): CEH, IAT Level II, IAM Level I, or CSSP Analyst/Incident Responder. Clearance : TS, SCI-eligible. Additional Information Work Environment Normal office conditions with potential to perform duties in various CONUS locations. Core hours of operation are Monday through Friday, 0600 – 1700. May be requested to work evenings and weekends to meet program and contract needs. Working at SOSi All interested individuals will receive consideration and will not be discriminated against for any reason.

Keywords: SOSi, Towson , Cyber Threat Hunt Lead, IT / Software / Systems , Ashburn, Maryland