Cyber Threat Hunter, Senior

The Opportunity:

Are you looking for an active role in detecting advanced cyber threats to Federal Civilian Executive Branch Agencies, DoD, and Intelligence Communities? Instead of letting the attackers come to us, let’s go find them. Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it’s time to go threat hunting.

We’re looking for CND and CNO specialists who can think like a cyber attacker to figure out how to circumvent security measures. You’ll use your experience and analytical skills to iteratively query large datasets to identify anomalies. Work with our team of experienced threat hunters to review intel and hunt for activity pertaining to emerging threats, develop new hunt analytics, identify visibility gaps, and recommend improvements to clients' security posture. Guide your team of cyber security experts to find the adversary in the security tool blind spot and advise clients on ways to close the gaps and harden their network. As a technical leader, you’ll identify new opportunities to build technical solutions to help your customers meet their toughest challenges. This is a chance to think differently about cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. Let’s outsmart the adversary and protect our nation's most important institutions. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Empower change with us.

You Have:

  • 3+ years of experience with cybersecurity offensive or defensive technical operations
  • Experience with Advanced Persistent Threat (APT)hunting, pentesting, digital forensics, or incident response
  • Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams and review and analyze log files from various sources, including cloud, network, endpoint and IdAM
  • Ability to obtain a security clearance
  • HS diploma or GED

Nice If You Have:

  • Experience with threat hunting solutions and tools or techniques used to analyze malware, extract indicators, and create signatures
  • Experience with Windows Enterprise security and systems administration
  • Experience with ATP, ATA, and Sentinel, SIEM, or SOC, including QRadar, SplunkES, and ArcSight
  • Experience with data hunting, ELK, Splunk, Apache Spark, and AWS Stack
  • Experience with scripting, REST APIs, and forensic tools, including FTK and Encase
  • Experience with endpoint telemetry, including Carbon Black, FireEye HX, Falcon, Tanium, and Endgame
  • GIAC, GCFA or SANS 508 and GCFA GCFE, GREM, GNFA, GSNA, CISA, or OSCP Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.


At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

The salary for this position will be determined based on various factors. The proposed salary range for this position in Colorado is $130,000 to $150,000.

Create Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.