Back to all jobs

Cyber Threat Hunter, Senior

Booz Allen

Nov 16

Cyber Threat Hunter, Senior

The Challenge:

Are you looking for an active role in detecting advanced Cyberthreats? Instead of letting the attackers come to us, let’s go find them. Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting.

We’re looking for CND/CNO specialists who can think like a Cyber attacker to figure out how to circumvent security measures. You’ll use your network defense experience and analytical skills to rapidly prototype and build analytics to create data "haystacks" and sift through the false positives to find patterns and indicators. Work with our team of Cybersecurity experts to find the adversary in the SIEM’s blind spot and advise clients on ways to close the gaps and harden their network. With your technical expertise, you’ll build creative solutions to help your customers meet their toughest challenges. This is a chance to think differently about cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Empower change with us.

You Have:

  • 3+ years of experience with cybersecurity offensive or defensive technical operations

  • Experience with Advanced Persistent Threat (APT) hunting, pentesting, digital forensics, or incident response

  • Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams and review and analyze log files from various sources including cloud, network, endpoint and IdAM

  • Ability to obtain a security clearance

  • HS diploma or GED

Nice If You Have:

  • Experience with common threat hunting solutions and tools or techniques used to analyze malware, extract indicators, and create signatures

  • Experience with one or more of the following, including Windows Enterprise security and systems administration, ATP/ATA/Sentinel, SIEM or SOC, including QRadar, Splunk ES, and ArcSight, data hunting, ELK, Splunk, Apache Spark, and AWS Stack, scripting, REST APIs, forensic tools, including FTK and Encase, and endpoint telemetry, Carbon Black, FireEye HX, Falcon, Tanium and Endgame

  • GIAC, GCFA or SANS 508 and GCFA GCFE, GREM, GNFA, GSNA, CISA, or OSCP Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.


The proposed salary range for this position in Colorado is $120,000 to $140,000. Final salary will be determined based on various factors.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen Cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights Python competition and learning events to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced Cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.