Enterprise Cybersecurity Threat Hunt Lead
McLean, VA, United States (8283 Greensboro Dr, Hamilton)
Full Time | Senior-level / Expert | Clearance required | USD 96K - 220K
Booz Allen Hamilton
Using tomorrow’s technologies, Booz Allen advances the nation’s most critical civil, defense, and national security missions.
The Opportunity:
Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting. We need your help in detecting advanced cyber threats. Instead of letting the attackers come to us, let’s go find them.
We’re looking for an expert who can think like a cyber attacker to figure out how to circumvent security measures. You’ll use your network defense experience and analytical skills to rapidly prototype and build scripts that create haystacks and sift through the false positives to find patterns and indicators. Guide your team of cybersecurity and threat hunting experts to find the adversary in the blind spots, and advise the client on ways to close the gaps and harden their network.
As a technical leader, you’ll identify new opportunities to build technical solutions to help your customers meet their toughest challenges. This is a chance to think differently about cyber defense, use completely new tools and approaches, and develop the next generation of security analytics.
We're looking for a seasoned leader with a deep understanding of cyber threats and the ability to use cutting-edge technology to thwart sophisticated attacks. As the Threat Hunt Lead, you’ll leverage your extensive experience and analytical skills to guide your team in querying vast datasets to pinpoint anomalies and uncover attack methods. You will collaborate closely with our Detection Engineers to review intelligence and hunt for signs of emerging threats, develop innovative hunt analytics, and identify visibility gaps, while recommending strategic improvements to the organization's security posture. With your technical prowess, you’ll direct the team of threat hunters toward inventive solutions to strengthen the organization's defenses against cyber threats. You will also regularly and proactively interface with teams across the company to ensure a robust cybersecurity posture to support incident response, provide contextual insights and best practices, and improve defenses. This is an opportunity to revolutionize cyber defense, embrace state-of-the-art tools and methodologies, and propel security analytics into the future.
Join us. The world can’t wait.
You Have:
- 10+ years of experience in cybersecurity, including threat hunting and detection engineering
- 5+ years of experience in a leadership role guiding cybersecurity teams
- Experience with Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR)
- Experience with cutting-edge technology, such as artificial intelligence and machine learning, and with developing and implementing advanced cyber defense strategies
- Experience in applying detection frameworks, like MITRE ATT&CK and Sigma, to a comprehensive threat detection program
- Knowledge of the unique challenges posed by on-prem environments and the cloud computing environments offered by Amazon, Google, and Microsoft
- Knowledge of the strategic importance of threat detection and threat hunting within “blue team” and “purple team” methodologies
- Ability to clearly and concisely communicate the team’s technical work to business leaders and quickly adjust and prioritize tasks
- Ability to obtain a Secret clearance
- HS diploma or GED
Nice If You Have:
- Experience in threat hunting using Azure event logs
- Experience in threat hunting in AWS and GCP
- Experience in utilizing data sources and artifacts from diverse platforms and technologies across networks, endpoints, and applications, including Carbon Black, for threat hunting and detection purposes
- Knowledge of the current threat landscape, including tactics, techniques, and procedures (TTPs) of advanced threat actors
- Ability to analyze logs and develop advanced queries in Splunk SPL, KQL, or ArcSight
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Compensation
At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.
Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $96,600.00 to $220,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.
Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.
- If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
- If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
Tags: Analytics ArcSight Artificial Intelligence Automation AWS Azure Blue team Carbon Black Clearance Cloud Cyber defense GCP Incident response Machine Learning MITRE ATT&CK SIEM SOAR Splunk Threat detection TTPs
Perks/benefits: Career development Health care