Cyber Threat Hunter
Conduent
Through our dedicated associates, Conduent delivers mission-critical services and solutions on behalf of Fortune 100 companies and over 500 governments - creating exceptional outcomes for our clients and the millions of people who count on them. You have an opportunity to personally thrive, make a difference and be part of a culture where individuality is noticed and valued every day. The Cyber Threat Hunter will be responsible for proactively identifying, analyzing, and disrupting advanced threats within the organization’s enterprise and cloud environments. This role focuses on hypothesis‑driven hunting, detection engineering, and intelligence‑led investigations to uncover adversary activity that has evaded traditional security controls. As an offshore team member, this role will operate in close coordination with onshore Cyber Ops, SOC, Incident Response, and Security Engineering teams, providing continuous threat coverage and analytical depth across global time zones. Key Responsibilities Conduct proactive, hypothesis‑based threat hunts across endpoint, network, identity, cloud, and SaaS telemetry to identify unknown or emerging threats. Leverage MITRE ATT&CK to design and execute hunt scenarios aligned to known adversary tradecraft. Identify stealthy behaviors such as living‑off‑the‑land techniques, credential abuse, lateral movement, and command‑and‑control activity. Develop and refine detection logic, analytics, and queries within SIEM/XDR platforms (e.g., Cortex XSIAM or equivalent). Investigation & Response Support Perform deep‑dive investigations and escalates confirmed threat activity with clear evidence and recommendations. Partner with Incident Response teams during active incidents to provide threat context, scoping, and root cause analysis. Validate and tune alerts to reduce false positives while improving detection efficacy. Threat Intelligence Integration Correlate internal telemetry with threat intelligence feeds to identify active campaigns, exploited vulnerabilities, and adversary infrastructure. Track emerging threat actor techniques, malware families, and attack trends relevant to the organization’s industry. Translate intelligence into actionable hunts, detections, and defensive recommendations. Engineering, Automation & Program Maturity Contribute to the development of threat hunting playbooks, standard operating procedures, and knowledge repository in general. Support continuous improvement of the threat hunting program through metrics such as hunt coverage, findings quality, cyber posture enhancement identification. Produce clear, concise reports for both technical and non‑technical stakeholders. Qualifications Required 3+ years of experience in cybersecurity operations, with hands‑on experience in threat hunting. Strong understanding of adversary behaviors, attack chains, and common tactics across endpoint, network, identity, and cloud environments. Experience working with SIEM/XDR platforms, log analysis, and security telemetry at scale. Familiarity with threat intelligence lifecycle and MITRE ATT&CK framework. Strong analytical, investigative, and documentation skills. Ability to work independently in an offshore model and collaborate effectively with global teams across time zones. Preferred Hands‑on experience using Palo Alto Cortex XSIAM for threat hunting, detection engineering, investigation workflows, and alert tuning. Experience developing and operationalizing XSIAM analytics, queries, and investigation playbooks across endpoint, identity, cloud, and network telemetry. Strong experience hunting and investigating threats in Microsoft Azure environments, including Entra ID (Azure AD), Azure IaaS/PaaS workloads, and cloud identity logs. Familiarity with Azure security telemetry (Sign‑In Logs, Audit Logs, Defender for Cloud/Endpoint, Azure Activity Logs). Experience correlating cloud, endpoint, and identity signals to detect credential abuse, privilege escalation, lateral movement, and persistence techniques. Scripting and automation experience using Python, KQL, PowerShell, or Bash to support hunting, enrichment, and reporting. Exposure to malware analysis, OSINT, or threat intelligence platforms (TIPs) to inform hunt hypotheses and detections. Preferred Certifications GCED, GCIA, GCIH, or GCED OSCP, GPEN, or GWAPT Security+, CySA+, or equivalent industry certifications Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. For US applicants: People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded: click here to access or download the form ( Complete the form and then email it as an attachment to View email address on click.appcast.io. You may also click here to access Conduent's ADAAA Accommodation Policy ( #J-18808-Ljbffr
$105.79k - $141.05k
...meaningful impact, and help shape the future of AI‑ready connectivity, join us today. The Role The Manager of Information Security—Cyber Threat Exposure Management plays a critical role in solving complex challenges and building the infrastructure that powers what’s next...CyberFull timeTemporary workRemote work$126k - $224.4k
...Security Actively engage with Security Architecture reviews using a threat driven mindset to identify and mitigate risks. Architect NIST‑... ...standard methodologies and applies them as appropriate, keeping cyber leaders apprised of trends and emerging technologies. Ensure IAM...CyberFull timeH1bFlexible hours- A cybersecurity-focused company is seeking experienced cybersecurity professionals to evaluate AI-generated security content and solve technical problems. Responsibilities include designing security evaluations and providing feedback to enhance AI systems. Candidates should...CyberRemote workFlexible hours
- .... You’ll work in an operational, client-facing role – detecting threats, investigating incidents like phishing or malware, and recommending... ...in areas such as threat hunting, vulnerability management, cyber security architecture, and risk assessment Familiarity with MITRE...CyberLocal areaWork from homeFlexible hours
- ..., charts Collaborate with SPO & Scrum Master to create and maintain a High-Level Feature Rollout Plan (FROP) Participate in product cyber security reviews Participate in Change Control Board (CCB) meetings to prioritize new features & defects Drive code quality initiatives...CyberTemporary work
- ...driven, automated execution pipelines capable of achieving multi-day remediation timelines for critical vulnerabilities. Working across Cyber, Endpoint, Systems, Network, Cloud, and Application teams, this role establishes standardized remediation playbooks and ensures...CyberFlexible hours
$130k - $135k
...detection coverage, and strengthening our detection, response, and threat-informed defense capabilities. It’s ideal for someone who excels... ...SOC operates day-to-day. You’ll play a key role in proactive cyber defense by collaborating across InfoSec teams, enhancing...CyberFull timeRemote workShift workWeekend work- ...program activities and staff to include operation, maintenance, and development of the Muscatatuck Training Center (MuTC) Advanced Cyber Center - Testing, Training, and Experimentation (MACC-TTE)**CORE RESPONISIBILITIES:*** Manage and provide MACC-TTE customer support...CyberContract workMonday to Friday
- ...General and Operations Management) Location Muscatatuck Indiana Job Description IDS is seeking a skilled Operations Manager II to support cyber range and training operations within a Department of Defense (DoD) environment. This role requires a hands‑on leader with experience...CyberLocal area
- ...upon contract AwardAs the **Program Manager**, you will Provide overall management of the Muscatatuck Training Center (MuTC) Advanced Cyber Center - Testing, Training, and Experimentation (MACC-TTE) to include directing all contractor/subcontractor personnel and...CyberContract workFor contractorsFor subcontractorWork at office
- ...the domain of the sender’s email address and that they are asking you to apply on this website. If you believe you’ve been a victim of a phishing scam, please visit the Department of Homeland Security’s Cyber Smart website to learn how to report it.* #J-18808-Ljbffr...CyberContract work
$40 per hour
...generated security content, solve technical cybersecurity problems, and provide feedback to improve how AI systems reason about real-world threats and defenses. Cybersecurity platforms are increasingly powered by AI, but these systems still require practitioners with real-...Hourly payFull timePart timeRemote work- ...secure architectures and designs, and advise clients on technical topics such as IAM, AuthN/AuthZ, Zero Trust, Container Security, Threat Modeling and Resilience. Key Responsibilities Deliver consulting and implementation projects across enterprise and cloud environments...Local areaWork from homeWorldwideFlexible hours
- ...helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations...CyberLocal areaWorldwideShift work
- ...cybersecurity. The company’s comprehensive, open, and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem,...Flexible hours
- ...collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world...Flexible hours
- About Keyfactor Our mission is to build a connected society, rooted in trust, with identity-first security for every machine and human. Keyfactor helps organizations move fast to establish digital trust at scale — and then maintain it. With decades of cybersecurity experience...Full timeRemote work
$40 per hour
A cybersecurity firm is seeking experienced professionals to join their team and help train AI models. In this remote role, you will evaluate AI-generated security content and solve technical cybersecurity problems. Candidates should have over 2 years of experience in ...Hourly payRemote work$40 per hour
A cybersecurity and AI training company is seeking experienced cybersecurity professionals for a remote role. Responsibilities include evaluating AI-generated security content, designing security challenges, and providing feedback to enhance AI models. The ideal candidate...Hourly payRemote workFlexible hours$40 per hour
A leading cybersecurity firm is seeking experienced professionals to join their team remotely in various roles. The position involves evaluating AI-generated cybersecurity content, solving technical security problems, and providing critical feedback to enhance AI systems...Hourly payRemote workFlexible hours$40 per hour
A technology company specializing in AI and cybersecurity seeks experienced cybersecurity professionals to evaluate and improve AI-generated security content. Candidates will solve complex technical issues and provide feedback to enhance AI models. The position offers flexible...Hourly payRemote workFlexible hours- ## IT Support AnalystApplylocations: Bienne, Switzerlandtime type: Full timeposted on: Posted Todayjob requisition id: JR00002862MGI Luxury Group, located in Bienne, Switzerland, is an international and innovative company of Movado Group, Inc. which is a prestigious manufacturer...ApprenticeshipWork at officeWork from homeHome officeFlexible hours2 days per week
- ## Senior AccountantApplylocations: Remote - Nationwidetime type: Full timeposted on: Posted Yesterdayjob requisition id: R-1081Schellman is a Top 50 CPA firm and a leading provider of attestation and compliance services. Our professional services focus on security and ...Work experience placementImmediate startRemote workFlexible hours
- Transform technology into opportunity as a Web Developer at GDIT. Shape what’s next for mission‑critical government projects while shaping what’s next for your engineering career. MEANINGFUL WORK AND PERSONAL IMPACT As a Full‑Stack Web Application Developer supporting ...
$105.79k - $141.05k
Lumen is the trusted network for the AI‑powered world, connecting people, data, and applications through our expansive fiber network and connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for enterprises, governments...Full timeTemporary workRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cyber Threat Hunter. Be the first to apply!


