Senior Threat Hunter

$85.1k - $161.7k

RSM US LLP

# Senior Threat Hunter

Locations: Harrisburg; Chicago; Atlanta Metro Area; Washington DC Metro; Charlotte
Time type: Full time
Posted on: Posted Yesterday
Job requisition id: JR118768

We are the leading provider of professional services to the middle market globally. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

As a Senior Threat Hunter/SOC Analyst within RSM Defense, you own high-severity security investigations and help guide the SOC’s technical direction across a growing managed security services environment supporting diverse client organizations. You will lead end-to-end incident analysis, validate adversary behavior, and translate evidence into clear containment and remediation guidance tailored to each client’s environment and risk context.

You will also influence detection engineering and response automation by identifying content gaps, validating improvements against live telemetry, and converting operational lessons learned into durable, repeatable change.

The SOC operates on an integrated detection and response model across endpoint, identity, cloud, and network telemetry, supported by AI-assisted analysis and automation to reduce repetitive triage and maximize analyst focus on complex tradecraft, proactive improvements, and mentorship.

**Key Responsibilities:**

**Advanced Investigation, Incident Handling & Incident Response**

* Lead complex, high-severity investigations across endpoint, network, cloud, and identity telemetry.
* Perform root cause analysis and reconstruct incident timelines using aligned MITRE ATT&CK mapping.
* Serve as the primary technical liaison during escalated incidents, delivering clear findings and remediation steps to internal leadership and clients.
* Drive the creation of After-Action Reports (AARs) and lessons learned to improve tooling, detections, and workflow performance.

**Detection Engineering & Content Support**

* Identify detection gaps and collaborate with Detection Engineering to develop, refine, and tune detection content across relevant telemetry sources.
* Validate new detections before SOC deployment and provide measurable feedback based on production telemetry.

**SOAR Automation & Workflow Optimization**

* Leverage SOAR platforms to automate enrichment, triage, and response actions.
* Identify repetitive patterns ideal for automation and propose workflow enhancements to reduce MTTR.
* Validate automation logic prior to production rollout and ensure alignment with SOC escalation policies.
* Collaborate with engineering teams to incorporate additional enrichment sources, threat intel lookups, and AI-driven analysis steps.

**AI, Machine Learning & Prompt Engineering**

* Utilize AI copilots, enrichment agents, and LLM-based analysis tools to support case triage, enrichment, and investigation.
* Develop, optimize, and maintain prompt templates for SOC use cases (enrichment summaries, detection validation, log interpretation, hypothesis generation).
* Evaluate the accuracy and reliability of AI-generated outputs and implement QA steps to avoid hallucinations or misleading results.
* Identify opportunities to integrate AI agents into detection, triage, and response workflows, improving analyst speed and consistency.
* Provide feedback to engineering teams on model behavior, content gaps, and automation integration opportunities.

**Threat Hunting & Proactive Analysis**

* Support hypothesis-driven and intelligence-led hunts by validating findings, artifacts, and suspicious patterns.
* Recommend new hunts based on emerging TTPs, anomalous case trends, or telemetry gaps discovered during investigations.
* Ensure hunt findings translate into new detections, enhanced content, or instrumentation improvements.

**Leadership, Mentoring & Team Development**

* Mentor junior analysts on investigation techniques, tooling proficiency, case documentation, and proper analytical depth.
* Conduct quality reviews of Tier 1/2 case handling and provide constructive feedback.
* Contribute to training guides, runbooks, knowledge bases, and onboarding materials.
* Lead technical briefings, internal workshops, and knowledge-sharing sessions across SOC teams.

**Reporting & Continuous Improvement**

* Produce clear, concise, and accurate technical reports, incident summaries, and executive-friendly communications.
* Identify inefficiencies and propose enhancements in monitoring, detection logic, processes, and analyst training.

**Required Qualifications:**

* 5+ years in SOC / detection engineering / threat hunting / incident response (or equivalent depth)
* Demonstrated experience leading complex investigations and communicating findings to both technical and non-technical stakeholders
* Hands-on SIEM/EDR/XDR investigation experience and comfort writing or tuning detections (KQL/SPL/Sigma or similar)
* Strong working knowledge of the incident response lifecycle and evidence-driven root cause analysis

**Preferred Qualifications:**

* Certifications such as GCIH, GCFA, GCDA, or similar.
* Experience with Elastic, Splunk, or other search-based platforms.
* Knowledge of the MITRE ATT&CK framework.
* Exposure to scripting languages for automation and enrichment.

**Key Attributes:**

* Curious and detail-oriented with a passion for proactive defense.
* Able to work independently or collaboratively in high-paced environments.
* Strong written and verbal communication skills.
* Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.

This role provides a hands-on opportunity to engage in proactive threat detection and response activities and contribute directly to the maturity and effectiveness of the SOC’s security posture.

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at

All applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender; sexual orientation; HIV status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law.

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call or email us.

RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.

RSM will consider for employment qualified applicants with arrest or conviction records. For those living in California or applying to a position in California, please see the additional California information.

At RSM, an employee’s pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.

Compensation Range: $85,100 - $161,700

Individuals selected for this role will be eligible for a discretionary bonus based on firm and individual performance.

Vacancy posted 3 days ago