Cyber Threat Hunter
$107.9k - $195.05kLeidos
Description The Leidos Digital Modernization sector is looking for a Cyber Threat Hunter to support a Defensive Cyber Operations (DCO) team in Washington, DC. This position is expected to become available in Summer 2026. Our team provides mission critical, 24/7 operational support to the customer's mission of protecting federal networked systems and services from cyber threats impacting national security. This hybrid position is primarily on-site, with potential for up to 20% telework. While this position will primarily work during core hours (0600 - 1600), it will be supporting a team of analysts working 24/7 rotating shifts (days, swings, nights). As such, occasional shift work or weekend work may be required to fill unexpected gaps in coverage.
PRIMARY RESPONSIBILITIES
Hypothesis-Driven Hunting: Develop and execute structured hunt campaigns by forming theories on adversary persistence and lateral movement based on the latest TTPs. Advanced Telemetry Analysis: Query and correlate massive datasets across cloud resources, identity systems, and network infrastructure to identify "low and slow" attacks that evade automated detection. Detection Engineering Pipeline: Partner with detection teams to transform manual hunt discoveries into high‑fidelity, automated detection rules (SIEM/EDR). Automated Countermeasure Deployment: Design and maintain automation scripts to scale threat mitigation and isolate compromised assets at machine speed. APT Targeting & Engagement: Utilize theMITRE ATT&CKframework to proactively search for Advanced Persistent Threat (APT) activity, assuming a "breach mentality" to uncover hidden adversaries. Indications & Warnings (I&W) Integration: Analyze internal and external telemetry to identify early triggers and "smoke" that signal an imminent or ongoing compromise. Tactical Reporting & Metrics: Author detailed technical hunt reports summarizing findings, operational gaps, and measurable improvements to the organization's security posture. Situational Awareness: Maintain a deep understanding of the current threat landscape, focusing on how new vulnerabilities or malware variants could be exploited within the customer enterprise.BASIC QUALIFICATIONS
Bachelor's Degree with 8+ yrs of experience or Master's Degree with 6+ yrs of relevant experience; additional years of experience may be substituted in lieu of degrees. DoD 8570 IAT Level II/III: Must hold an IAT Level II or higher certification (or obtain within 180 days). (e.g., CompTIA Security+, CySA+, GSEC, and SSCP) or (CASP+ CE, CCNP Security, CISA, GCED, and GCIH) DoD 8570 CSSP Analyst: Must hold a CSSP Analyst certification (or obtain within 180 days). (e.g., CompTIA CySA+, Cloud+, GIAC Global Information Assurance Certification (GCIA)) DoD 8570 CSSP Infrastructure Support: Must hold a CSSP Infrastructure Support certification (or obtain within 180 days). (e.g., CompTIA CySA+, Cloud+, EC-Council CEH, CND, CHFI, GIAC GICSP, and ISC2 SSCP) Technical Proficiency: Expert knowledge of networking protocols (TCP/IP, DNS, and common security elements like IDS/IPS and next‑gen firewalls. Data Analysis: Direct experience analyzing complex packet captures and endpoint logs to reconstruct attack timelines. Security Clearance: Current DoD TS/SCI security clearance and ability to pass additional customer suitability screenings prior to start and maintain throughout employment.PREFERRED SKILLS
Hunt Methodology: Demonstrated experience planning and executing hunt missions in complex, hybrid‑cloud environments. Query Languages: Expert proficiency in SPL (Splunk), KQL (Kusto), or DSL (Elastic) for large‑scale data mining. Scripting for Security: Advanced use of Python, PowerShell, or Bash to automate repetitive hunt tasks and data enrichment. Forensic Insight: Previous experience in Digital Forensics or Incident Response (DFIR) to assist in root‑cause analysis. Cloud Infrastructure: Familiarity with hunting within AWS, Azure, O365, and containerized workloads. AI‑Enhanced Defense: Experience using AI‑driven analytics to sift through noise and identify anomalous behavioral patterns. Original Posting: March 12, 2026 Pay Range: $107,900.00 - $195,050.00 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. About Leidos Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at Securing Your Data Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment‑related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment‑related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at View email address on click.appcast.io. If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. #J-18808-Ljbffr Leidos$94.1k - $150k
...Position Overview The Cyber Threat Hunter proactively protects enterprise environments from advanced cyber threats by analyzing network, endpoint, and log data to identify malicious activity that may evade conventional security controls. This role establishes normal traffic...CyberContract workWork at office- A leading technology firm is seeking a Cyber Threat Hunter to join their team in Washington, DC. This hybrid position involves developing and executing threat hunting campaigns, analyzing complex datasets, and crafting detailed technical reports. Candidates should have...Cyber
- A leading technology company is seeking a Cyber Threat Hunter to join their Defensive Cyber Operations team in Washington, DC. The role involves developing hunt campaigns, conducting advanced telemetry analysis, and maintaining high levels of situational awareness regarding...CyberRemote work
- Phase2 Technology is seeking a Cyber Incident Responder in Arlington, Virginia. In this role, you'll protect critical infrastructure from cyber threats by analyzing logs and forensic data, responding to incidents in real time, and advising clients on network security....Cyber
- ...A cybersecurity firm in Arlington, Virginia, is seeking a Computer Network Defense Analyst to monitor network activity, analyze cyber threats, and recommend proactive measures to contain incidents. The ideal candidate will have over 5 years of experience in cyber defense...Cyber
- Base One Technologies in Washington, DC, is looking for a Junior Cyber Network Defense Analyst to provide 24x7 support, monitor network... .../SCI clearance is mandatory. This role involves shift work and demands proactive threat analysis. #J-18808-Ljbffr Base One TechnologiesCyberShift work
$62k - $141k
Booz Allen Hamilton in Arlington, Virginia, is seeking a Systems Security Analyst to engage in threat hunting and cyber defense. This role requires a candidate who can analyze security measures and implement solutions to identify cyber threats effectively. The ideal candidate...Cyber- Booz Allen Hamilton is seeking a Cyber Mission Specialist in Arlington, VA. In this role, you will leverage your experience to address cybersecurity threats and vulnerabilities, contributing significantly to national defense. The position requires a Bachelor's degree, 1...Cyber
- Ampcus, Inc is hiring a Senior Cyber Security Analyst in Washington, DC. This role involves the administration of cyber control technologies and is crucial for monitoring and responding to cyber incidents in both IT and Operational Technology (OT) networks. The ideal candidate...Cyber
- ManTech seeks a motivated Cyber Threat Hunter to join our team in McLean, VA. The role involves leveraging technical expertise to detect and mitigate cyber threats, utilizing methodologies like MITRE ATT&CK and conducting threat hunts based on internal data. Qualifications...Cyber
- UltraViolet Cyber, located in McLean, Virginia, is actively seeking a Cyber Threat Researcher (Level II) for its Threat Intelligence & Detection Engineering team. This role involves engaging in threat hunts and creating effective threat detections to protect clients from...Cyber
$50k - $90k
UltraViolet Cyber in McLean, Virginia, is seeking an Associate Cyber Threat Researcher (Level I) to enhance cybersecurity operations. This role focuses on threat hunting and creating advanced threat detection strategies to defend clients against cyber threats. The ideal...Cyber- ...Cybersecurity Threat HunterSecurity OperationsUS Exempt RegularFull timeStateside Exempt 3.4 Cybersecurity Threat Hunter Security Operations Full-time, Exempt Regular, Pay Grade... ...consultation on threat hunting methodologies and cyber adversary techniques. Maintain...CyberFull time
- MANTECH seeks a motivated, career and customer-oriented Cyber Threat Hunter to join our team in Mclean, VA . The Cyber Threat Hunter will leverage their strong technical background and knowledge to proactively detect, investigate, and mitigate cyber threats within our...CyberWork at officeLocal area
- ..., ownership, and execution over bureaucracy. Title: Senior Threat Hunter Location: Washington, DC or Chandler, AZ Terms: Full-time... ...across a security program Current knowledge of cyber adversary tactics, trends, and the evolving federal threat landscape...CyberFull timeWork experience placementFlexible hours
- ...Job Description *** This position is contingent upon contract award *** Overview SOSi is seeking a Senior Threat Hunter to support proactive cyber defense activities in alignment with our customer. This role is responsible for conducting threat hunting...CyberContract workWork at officeWorldwideMonday to FridayWeekend workAfternoon shift
- ...Job Description Job Description cFocus Software seeks a Mid Level Cyber Threat Hunter to join our program supporting US Courts in Washington, DC. This position is 4 days a week onsite in DC and one day remote. Required Qualifications include: ~5+ years of experience...CyberWork at officeRemote work
- ...a SOC Analyst II to join our Security Operations team. This role focuses on monitoring, triaging, and responding to cybersecurity threats. The ideal candidate will possess a strong technical foundation and a passion for operational cybersecurity, working closely with IT...
- A cybersecurity solutions provider is seeking a Jr Industrial Control System Cyber Threat Intelligence Analyst in Arlington, VA. The ideal candidate should hold a Bachelor's degree with at least 2 years of relevant experience and have hands-on capabilities in cyber incident...Cyber
- A leading cybersecurity firm in Arlington, Virginia is seeking Cyber Network Defense Analysts to support critical missions by analyzing network traffic and identifying threats. The ideal candidate requires U.S. Citizenship, active TS/SCI Clearance, and 5+ years of experience...Cyber
- JPMorgan Chase is hiring for a senior technical role within CRAFT, focused on complex problem-solving in cyber threat analysis and intrusion detection. Candidates will engage in hands-on technical research and analysis to support operational response during high-priority...Cyber
- ...Requisition #: 1617 Job Title: Cyber Threat Intelligence Analyst Location: Hybrid, Arlington, VA Clearance Level: Top Secret, Must Have Clearance to Start Job Description Agile Defense is actively seeking a Cyber Threat Intelligence Analyst with background experience...Cyber2 days per week
- ...Cyber Threat Analyst/Computer Security Systems Specialist The client is looking for a Cyber Threat Analyst/Computer Security Systems Specialist to research and analyze classified reporting to identify current and emerging threat trends and work with intelligence community...CyberDay shift
- A prominent technology firm in Arlington, Virginia, seeks a skilled cybersecurity professional to lead insider threat operations. Ideal candidates will have over 7 years of cybersecurity experience, including 5 years in security monitoring and forensic tools, along with...Cyber
$135k - $145k
Tyto Athene, LLC is looking for a Cyber Event Monitoring Lead to oversee threat monitoring and incident reporting in Washington, DC. The role entails collaborating with Senior Analysts, utilizing SIEM technologies, and managing enterprise network security. The ideal candidate...Cyber- ECS is seeking a Mid. Cyber Incident Coordinator to join their team in Arlington, VA. This role involves analyzing cyber threat intelligence and coordinating incident responses while supporting the JCDC initiative. Candidates should have 6+ years in cybersecurity and an...Cyber3 days per week
- EmergencyMD is seeking a Lead Cyber Threat Analyst to address advanced cyber threats in Washington, D.C. This role includes leading threat analysis, conducting threat hunting, managing SOC operations, and collaborating with cross-functional teams. The ideal candidate should...Cyber
- A cybersecurity firm is seeking a Manager, Cyber Programs to lead strategies that mitigate cyber risks to critical infrastructure. The... ...over 8 years of experience in cybersecurity operations, including threat intelligence and threat hunting. Excellent communication skills...Cyber
- Node.Digital is seeking an Incident Manager in Arlington, VA, to support cyber threat intelligence efforts. The ideal candidate will possess a Top Secret Security Clearance and have over two years of relevant experience. Responsibilities include gathering and analyzing...Cyber
- ...Summary Cyber Threat Analysts assess foreign cyber intentions and capabilities to support U.S. national security interests. Learn more about this agency Duties Help As a Cyber Threat Analyst at CIA, you will analyze foreign cyber intentions and capabilities...CyberFull timePart time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cyber Threat Hunter. Be the first to apply!

