Cyber Threat Hunter, Mid

The Opportunity:

Are you looking for an active role in detecting advanced cyber threats that are the highest concern to the most companies? Instead of letting the attackers come to us, let’s go find them. Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting.

We’re looking for cyber security professionals with experience in Incident Response, Cyber Threat Intelligence, Detection, and Response, who can think like an adversary. This is an opportunity to use your analytical skills and gain network defense experience. Learn from our team of cyber security experts as you find the adversary in the SIEM’s blind spot to help the top companies close the gaps and harden their networks. This is a chance to think differently about cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. Let’s outsmart the adversary and protect the most important companies in the commercial space. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Empower change with us.

You Have:

  • 3+ years Information Technology infrastructure experience

  • 3+ years of recent operational security experience including SOC, incident response, malware analysis, and IDS and IPS analysis

  • Experience working with, analyzing, and manipulating security data

  • Knowledge of networking

  • Knowledge of threat actors’ tactics, techniques, and procedures

  • Knowledge of operating system architecture and security features

  • Knowledge of threat hunting techniques

  • Knowledge of the relationship among hunt and security teams

  • Bachelor's degree

Nice If You Have:

  • Experience with SEIM platforms including Splunk and ELK

  • Experience with collection and detection tools, host-based and network-based, including Zeek, Snort, Arkime, Sysmon, commercial EDRs, and commercial AVs

  • Experience with analytic tools including IDA, Wireshark, and CyberChef

  • Knowledge of EDR Logs including security data

  • Knowledge of how to identify potential detection opportunities

  • Knowledge of coding and scripting

  • Knowledge of Information Technology administration including network, server, and workstation

  • Ability to identify security issues

  • GIAC, EC-Council or Offensive Security certification


At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full time and part time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs, individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. 

Salary for this position is determined by various factors, including but not limited to, location, the candidate’s particular combination of knowledge, skills, competencies and experience, as well as contract specific affordability and organizational requirements. The proposed salary range for this position is outlined below.

Colorado: $65,000- $134,100 (annualized USD)

New York (including New York City): $68,500 - $161,000 (annualized USD)

Create Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

  • Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

  • Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

  • Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

  • Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

  • Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.