This site uses cookies. To find out more, see our Cookies Policy

Cyber Threat Hunter in New York, NY at Booz Allen Hamilton Inc.

Date Posted: 5/19/2019

Job Snapshot

Job Description

Job Number: R0054784

Cyber Threat Hunter

The Challenge:

Are you looking for an active role in detecting advanced Cyber threats to our national security and government clients? Instead of letting the attackers come to us, let’s go find them. Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting.

We’re looking for CND/CNO specialists who can think like a Cyber attacker to figure out how to circumvent security measures. This is an opportunity to use your analytical skills and gain network defense experience. You’ll learn to rapidly prototype and build scripts to create haystacks where you’ll sift through the false positives to find patterns and indicators. Learn from our team of Cybersecurity experts as you find the adversary in the SEIM’s blind spot to help the government close the gaps and harden their network. This is a chance to think differently about Cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. Let’s outsmart the adversary and protect our national security for our government clients.

Empower change with us.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen Cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced Cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

You Have:

-Experience with IT infrastructure

-Experience with operational security, including Security Operations Center (SOC), Incident Response, Malware Analysis, or IDS and IPS analyses

-Knowledge of the TCP/IP networking stack and network IDS technologies

-Ability to work with client deliverable and requirements

-Ability to obtain a security clearance

-BA or BS degree

-GCFA, GCFE, GREM, GNFA, or OSCP Certification

Nice If You Have:

-Experience with regular expression and at least one common scripting language, including Python or PowerShell

-Experience with Windows Enterprise Security or Systems Administration

-Experience with SIEM/SOC, including Qradar, Splunk ES, or ArcSight

-Experience with Data Hunting, including ELK, Splunk, Apache Spark, or AWS Stack

-Experience with Scripting, including PowerShell, Python, or REST APIs

-Experience with Forensic tools, including FTK and Encase

-Experience with Endpoint Telemetry, including Carbon Black, HX, Falcon, or Endgame

-Experience with Network Hunting, including Bro Logs, Netflow, PCAP, or PaloAlto Firewall/Proxies

-Experience with Offensive tools, including Mimikatz, Metasploit, and Empire

-Knowledge of Windows operating system and PowerShell or command line

-Knowledge of Endpoint Incident Response and Forensics

-Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building

-Ability to provide onsite client support

-Ability to travel

-Ability to analyze malware and extract indicators, and create signatures, including Yara, Snort, and IOCs

-Possession of excellent collaborative skills

-BA or BS degree in CS or a related field


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.