Cyber Threat Hunt Analyst

Company Overview
TekFive specializes in complex IT automation, empowering federal agencies to enhance software development, infrastructure provisioning, and enterprise application management. Our focus is on delivering proven technical solutions within the Federal space, emphasizing DevSecOps, cloud automation, and enterprise software development to optimize performance and security.

Job Overview

We are seeking an experienced Cyber Threat Hunt Analyst to support mission-critical systems in a high-security government environment.

This role directly contributes to the protection of systems supporting NASA and national defense initiatives. You will operate at the forefront of cybersecurity, identifying and disrupting sophisticated threats targeting high-value assets.

You will work alongside a team of cybersecurity professionals to proactively detect, investigate, and mitigate advanced threats that evade traditional security controls, including nation-state and advanced persistent threat (APT) activity.

Mission Impact

• Protect critical infrastructure and systems supporting NASA missions and national security objectives
• Contribute to the defense of high-value government assets against nation-state adversaries
• Play a key role in strengthening cyber resilience across aerospace and defense environments

Advanced Threat Hunting Focus

• Hunt for advanced persistent threats (APTs) using behavioral analysis and adversary emulation techniques
• Identify stealthy attacker activity that bypasses traditional SIEM and EDR detections
• Apply frameworks such as MITRE ATT&CK to map and anticipate adversary tactics
• Support the development of next-generation detection analytics and threat models

Key Responsibilities

• Conduct proactive threat hunting across network, endpoint, and log data
• Analyze security alerts to distinguish true threats from false positives
• Identify adversary tactics using MITRE ATT&CK and behavioral analytics
• Develop scripts and queries (e.g., Python, SPL, KQL) to enhance detection
• Perform forensic investigations and incident response support
• Collaborate with SOC, IR, and engineering teams to improve detection coverage
• Provide technical reports and briefings to leadership and stakeholders

✅ Basic Qualifications

• 6+ years of cybersecurity experience (offensive or defensive)
• 4+ years in threat hunting, incident response, SOC operations, or penetration testing
• Experience analyzing logs, detecting attacker TTPs, and tracking threat actors
• Familiarity with SIEM and EDR tools
• Bachelor’s degree in a related field
• Active Secret clearance

⭐ Preferred Qualifications

• Experience with tools such as Splunk, Elastic, SentinelOne, etc.
• Strong scripting/automation skills (Python preferred)
• Experience leading cyber exercises or simulations
• Ability to communicate technical findings to non-technical audiences
• IAT Level III certification (CISSP, CISM, or CISA)
• Active TS/SCI clearance

Pay: $115,000.00 - $140,000.00 per year

Benefits:

• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Retirement plan
• Vision insurance

Education:

• Bachelor's (Required)

Experience:

• Cybersecurity: 6 years (Required)
• APT Hunting: 4 years (Preferred)
• Penetration testing: 4 years (Preferred)
• SOC Operations: 4 years (Preferred)
• Incident Response: 4 years (Preferred)

Security clearance:

• Secret (Preferred)

Ability to Commute:

• Huntsville, AL 35816 (Required)

Work Location: In person