Jobs › Senior Critical Infrastructure Cyber Defense Threat Hunter
Senior Critical Infrastructure Cyber Defense Threat Hunter
Role at a glance
- Category
- GRC
- Work arrangement
- On-site
- Location
- Arlington, Virginia
- Salary range
- $121,785 to $187,093
- Posted
- Jul 8, 2026
Cybersecurity and Infrastructure Security Agency is hiring a Senior Critical Infrastructure Cyber Defense Threat Hunter in Arlington, Virginia. This is a GRC role in the governance, risk, and compliance field, with a posted range of $121,785 to $187,093. Review the full details below and apply directly with Cybersecurity and Infrastructure Security Agency.
This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one year probationary period. The official title of this position is Information Technology Cybersecurity Specialist (INFOSEC) GS-2210-13/14. Qualifications: Do NOT copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications for this position. Your resume must describe your work and experience, in your own words. To be considered minimally qualified for this position, you must demonstrate that you have the required proficiency level of competencies and experience for the respective grade level in which you are applying: REQUIRED COMPETENCIES: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. You must have IT-related experience demonstrating each of the required competencies listed below and must meet or exceed the minimum proficiency level established for each by grade level. For more information, see Competency-Based Qualification Standard for the Information Technology Management Series, 2210. You qualify at the GS-13 and GS-14 grade level, if you have: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Decision Making - Makes sound, well-informed, and objective decisions; perceives the impact and implications of decisions; commits to action, even in uncertain situations, to accomplish organizational goals; causes change. Information Management - Identifies a need for and knows where or how to gather information; organizes and maintains information or information
Full responsibilities and requirements are on Cybersecurity and Infrastructure Security Agency's application page.
Apply for this role →Location and market context
This role is based in Arlington, Virginia on-site. Local candidates benefit from being close to Cybersecurity and Infrastructure Security Agency's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About cybersecurity governance roles
Cybersecurity governance connects security control frameworks to business and regulatory risk, covering policy, risk assessment, and control assurance rather than hands-on operations. Roles like this one are typically evaluated against frameworks such as NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices.
How to position yourself for this cybersecurity governance role
Strong candidates emphasize security control frameworks, risk assessment, policy and standards, and translating technical security posture into governance and board-level reporting. In your resume and outreach, tie your experience to how Cybersecurity and Infrastructure Security Agency would apply NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location