Skip to main content
Back to jobs

Cyber Threat Hunter

External
General Dynamics IT logoGeneral Dynamics It · Fort Bragg, NC
Full-timeHybrid1w ago
AWSAzureBashCloud SecurityComplianceDNS
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Requirements

  • Cyber Operations, Cyber Threat Analysis, Cyber Threat Hunting, Cyber Threat Intelligence, Cyber Threat Prevention Certifications:
  • None Experience:
  • 3 + years of related experience US Citizenship Required:
  • Yes
  • Job Description:
  • Advance your career while impacting our national security in cyber as an Information Security Analyst Senior at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.
  • MEANINGFUL WORK AND PERSONAL IMPACT
  • WHAT YOU'LL NEED TO SUCCEED
  • Bring your cyber expertise and drive for innovation to GDIT. The Information Security Analyst Senior must have:
  • Threat Hunting Operations
  • Conduct proactive and reactive threat hunts across enterprise networks, endpoints, servers, and cloud environments.
  • Develop and execute hypothesis-based hunts using known adversary TTPs.
  • Identify stealthy, persistent, or anomalous activity missed by automated detections.
  • Pivot across multiple data sources to validate suspicious indicators.
  • Cyber Threat Intelligence (CTI)
  • Leverage internal and external CTI feeds to enrich hunting operations.
  • Translate intelligence reports into hunt hypotheses and detections.
  • Analyze nation-state, criminal, and insider threat activity.
  • Map adversary behavior to MITRE ATT&CK framework.
  • SIEM / Log Analytics
  • Utilize Splunk or Elastic SIEM for advanced correlation searches, dashboards, detections, and threat investigations.
  • Correlate logs from firewalls, EDR, DNS, authentication, proxy, cloud, and network sources.
  • Tune detections to reduce false positives and improve fidelity.
  • Cloud Security Hunting
  • Perform hunts within cloud environments such as Amazon Web Services, Microsoft Azure, and Google Cloud.
  • Analyze cloud control plane logs, IAM activity, API abuse, storage misuse, and lateral movement.
  • Hunt for persistence techniques in SaaS / IaaS / PaaS environments.
  • Automation & Engineering
  • Develop scripts and automations to accelerate hunting and investigations.
  • Build repeatable hunt playbooks and workflows.
  • Integrate tools using APIs, SOAR, or custom automation.
  • Automate enrichment of indicators and triage processes.
  • Incident Response Support
  • Provide advanced analytical support to Incident Response teams.
  • Validate indicators of compromise (IOCs)
  • Support containment and eradication during active incidents.
  • Security clearance level: TS/SCI Required
  • US citizenship required
  • Role requirements:
  • Technical Training, Certification(s) or Degree, or additional years in lieu of degree
  • 4+ years cybersecurity experience with 2+ years in threat hunting, SOC, IR, or CTI.
  • Experience in DoW, Intelligence Community, or federal cyber environments preferred.
  • Strong experience with Splunk or other SIEM platforms.
  • Strong knowledge of CTI lifecycle and intelligence-driven defense.
  • Experience creating hunt hypotheses and conducting structured hunts.
  • Deep understanding of Windows, Linux, Active Directory, networking, and DNS.
  • Knowledge of tools such as Trellix ESS, Splunk ES, Splunk SOAR, MAR/HX, NSM, Varonis, IDS, Stealthwatch, Cylance and ForeScout as duties performing cyber incident response and analysis.
  • Familiarity with malware behavior and attacker tradecraft.
  • Experience with cloud technologies (AWS, Azure, GCP).
  • Experience with one or more:
  • Ability to write or understand code in one or more:
  • Python
  • PowerShell
  • Bash
  • SQL
  • Kusto Query Language
  • JSON / YAML / Regex parsing
  • Compliance / Certifications
  • DoD 8570 / 8140 compliant certification preferred such as:
  • CompTIA Security+
  • CySA+
  • CASP+
  • GIAC (GCIH, GCFA, etc.)
  • GDIT IS YOUR PLACE
  • At GDIT, the mission is our purpose, and our people are at the center of everything we do.
  • Growth: AI-powered career tool that identifies career steps and learning opportunities
  • Support: An internal mobility team focused on helping you achieve your car

Benefits

Health insurance

Additional Information

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications:

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at General Dynamics IT? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect