Posted today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
Unspecified
IT - Security
Arlington, VA (On/Off-Site)
Senior Cyber Security Deception Engineer / Threat Hunter
Federal Strategic Cyber Mission Programs
Location: Northern Virginia
Work Model: On-site (5 days per week) — candidates must be local to the work location
Position Overview
ICS is seeking a Senior Cyber Security Deception Engineer / Threat Hunter to support high-priority Federal Strategic Cyber Mission programs. This role is designed for a seasoned cyber professional who thrives in advanced threat environments and excels at detecting, analyzing, and countering sophisticated adversaries. You will play a critical role in shaping proactive defense strategies by blending deception technologies, threat hunting, and deep forensic analysis across enterprise and cloud environments.
Key Responsibilities
Partner with Security Operations, Incident Response, Threat Intelligence, and Threat Hunting teams to maintain a proactive, intelligence-driven security posture.
Conduct advanced network threat hunting across on-premises and cloud environments to identify malicious, anomalous, or suspicious activity.
Respond to security events received from the Cyber Incident Response Team (CIRT), delivering comprehensive findings and actionable remediation recommendations.
Perform deep packet-level traffic analysis and network traffic reconstruction to uncover adversary techniques, trends, and behavioral patterns.
Execute forensic analysis on impacted systems, including network devices, cloud assets, and storage media, both on- and off-premises.
Design, implement, and operationalize cybersecurity frameworks such as MITRE ATT&CK, Cyber Kill Chain, and related adversary models.
Validate established security requirements and recommend additional safeguards to strengthen enterprise defenses.
Interface with law enforcement, intelligence, and other U.S. government organizations as required to support investigations and coordinated response efforts.
Required Qualifications
Education & Experience
Bachelor’s degree with 9+ years of relevant experience, or
Master’s degree with 7+ years of relevant experience, or
4 additional years of experience may be substituted in lieu of a degree.
Certifications
Must possess at least one of the following certifications or be able to obtain prior to start date (continued certification required as a condition of employment):
CCNA-Security
CND
CySA+
GICSP
GSEC
Security+ CE
SSCP
Technical & Functional Expertise
Proven ability to analyze complex security incidents and develop corrective and preventative actions.
Demonstrated experience integrating new cybersecurity architectures and defensive capabilities.
Hands-on experience with threat hunting, network forensics, and/or cloud forensics.
Comfortable collaborating with external agencies, including law enforcement and intelligence organizations.
Clearance & Citizenship
U.S. citizenship required
Active Top Secret (TS) clearance required
Ability to obtain final TS/SCI
Preferred Qualifications
Experience leveraging Databricks for large-scale data analysis.
Hands-on experience using Artificial Intelligence (AI) and Large Language Models (LLMs) to enhance detection, analysis, or automation.
Advanced scripting capabilities, including the ability to:
Design, configure, troubleshoot, and operate complex scripts
Output results in multiple formats (e.g., HTML, XML)
Repurpose analytical results for reporting to audiences at varying technical levels (analysts, leadership, and stakeholders)
Why ICS
This role offers the opportunity to operate at the cutting edge of cyber defense—protecting mission-critical federal systems against advanced adversaries. You’ll work alongside elite cyber professionals, engage with national-level partners, and apply innovative techniques in deception, analytics, and threat hunting to deliver real-world impact.