Assist in proactive, hypothesis-driven threat hunts across endpoint, network, cloud, and identity environments.
Analyze telemetry from EDR, SIEM, NDR, email, and identity platforms.
Investigate suspicious activity and anomalies to determine malicious vs. benign behavior.
Support development and tuning of detection rules and analytics.
Leverage the MITRE ATT&CK framework to understand and map adversary techniques.
Document hunt findings, methodologies, and lessons learned.
Collaborate with SOC and Incident Response teams to escalate validated threats.
Contribute to continuous improvement of detection coverage and hunting playbooks.
Stay current on emerging threats, malware trends, and attacker techniques.

Requirements

4+ years in cybersecurity with at least 2 years in threat hunting, advanced detection engineering, or incident response.
Strong experience with EDR platforms (CrowdStrike, Microsoft Defender, SentinelOne, etc.).
Proficiency in SIEM platforms (Splunk, Sentinel, Elastic, QRadar, etc.).
Experience writing advanced queries (KQL, SPL, SQL, Lucene, etc.).
Deep understanding of Windows, Linux, and Active Directory internals.
Strong knowledge of Cloud services (AWS, Azure, Google Cloud, etc.)
Familiarity with MITRE ATT&CK framework.
Experience analyzing process trees, command-line artifacts, persistence mechanisms, and lateral movement.
Strong knowledge of networking fundamentals and common attack techniques.
Ability to independently conduct investigations from hypothesis to conclusion.
Strong written and verbal communication skills.
Knowledge of identity-based attacks (OAuth abuse, token theft, Kerberos abuse).
Experience with scripting (Python, PowerShell, Bash).
Background in detection engineering or purple teaming.
Industry certifications such as GCFA, GCIA, GCIH, GCED, CISSP, or similar.
Experience working in an MDR or MSSP environment.

Benefits

Medical, dental, vision, and disability insurance
Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave
Unique professional development benefits with Annual “development dollars” to support our people growth and development
Wellness contests and monthly educational programs
401(K) retirement program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

threat huntingdetection engineeringincident responseEDR platformsSIEM platformsadvanced queriesscriptingnetworking fundamentalscloud servicesidentity-based attacks

Soft Skills

strong written communicationstrong verbal communicationindependent investigationcollaborationcontinuous improvement

Certifications

GCFAGCIAGCIHGCEDCISSP