Cyber Threat Hunter

Nabout Leidos
31 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 195K

Job location

Tech stack

Software as a Service
Cloud Computing
Cloud Computing Security
Computer Security
Intrusion Detection Systems
Security Information and Event Management
Mitre Att&ck
Malware
Firewalls (Computer Science)

Requirements

You bring deep analytical skills, hands-on threat-hunting experience, and the ability to lead investigations in complex environments.\n \n \n

  • Active DoD TS/SCI clearance\n
  • Current DoD 8140-compliant security certification; ability to obtain CE certification within 6 months\n
  • Bachelor's degree and 6+ years of cybersecurity experience (or equivalent experience/certifications)\n
  • Experience with Endpoint Detection and Response (EDR) platforms\n
  • Strong understanding of security controls across Endpoint, Cloud, SaaS, and Identity\n
  • Background in analyzing alerts and identifying anomalous or malicious activity\n
  • Experience developing detection content and understanding content lifecycle management\n
  • Ability to analyze logs from Network/Host, EDR, Firewall, IDS/IPS, and Cloud sources\n
  • Experience leading incident response engagements\n
  • Knowledge of security architectures, firewalls, vulnerabilities, and system/application threats\n
  • Strong communication skills for presenting findings to stakeholders\n
  • Ability to travel as required\n
  • Proven, well-rounded experience in information security\n, * Bachelor's degree in IT, CIS, Cybersecurity, or related field\n
  • Certifications such as CySA+, CASP+, CISSP, or equivalent\n
  • Familiarity with MITRE ATT&CK and other security frameworks\n
  • Experience with Security Onion\n
  • Hands-on experience with tools such as EDR, Firewalls, IDS/IPS, DLP, SIEM, forensic/malware analysis, and cloud security tools\n
  • Strong analytical, problem-solving, communication, and project management skills\n

Benefits & conditions

n\ud83d\ude80 Cyber Threat Hunter - Lead Advanced Threat Detection & Proactive Defense\n \n Leidos is seeking a \nCyber Threat Hunter to join a mission-critical cybersecurity team dedicated to staying ahead of sophisticated adversaries. In this role, you'll proactively hunt for malicious activity, analyze emerging attacker tactics, and transform intelligence into actionable defensive improvements that protect high-value assets. If you thrive on uncovering the unknown, analyzing complex threat patterns, and strengthening enterprise-wide defenses, this is where your expertise will shine.\n \n You'll work closely with SOC analysts, incident responders, and security engineers to elevate detection capabilities, guide investigations, and mentor others in advanced threat-hunting tradecraft.\n \n \n\ud83c\udf10 What You'll Do\n \n As a Cyber Threat Hunter, you'll lead proactive detection efforts, analyze threat intelligence, and develop advanced detection content to stay ahead of evolving threats.\n \n \nYour responsibilities include:\n \n \n \n

  • Conducting proactive threat hunts to identify suspicious activity before it escalates\n
  • Applying critical thinking to analyze threat intelligence, attacker TTPs, and emerging techniques\n
  • Reviewing and correlating logs from firewalls, hosts, EDR, IDS/IPS, and other internal sources\n
  • Responding to RFIs and conducting scoped investigations using all available tools\n
  • Leveraging strong knowledge of security controls across Endpoint, Cloud, SaaS, and Identity\n
  • Using EDR platforms to investigate alerts, anomalies, and malicious activity\n
  • Developing custom SIEM and IDS rules/signatures to strengthen detection capabilities\n
  • Performing incident handling tasks including triage, response, documentation, and lessons learned\n
  • Educating customers on threats and advising on best practices\n
  • Analyzing ongoing attacks such as phishing, DDoS, ransomware, and data leakage\n
  • Tracking and engaging with threat actors across the clear, deep, and dark web\n
  • Serving as a subject-matter expert in threat intelligence and advanced detection\n
  • Building dashboards, alerts, and monitoring content within SIEM and other security tools\n
  • Continuously optimizing detection content to support SOC operations\n
  • Creating and maintaining technical documentation, detection strategies, and monitoring processes\n
  • Identifying detection gaps and recommending improvements\n
  • Mentoring SOC analysts and guiding team members in tactical security practices\n
  • Developing strategies for incident handling and coordinating responses to security breaches\n

Apply for this position