Security Engineer III, Cyber Threat Hunter
Listed on 2026-06-12
Deloitte is seeking a Threat Hunter, Cyber Defense & Resilience to support proactive cyber threat detection, analysis, and response in complex client environments. This role focuses on identifying adversary behavior, investigating suspicious activity, and improving defensive operations through data‑driven hunting and detection strategies. The ideal candidate brings hands‑on experience across security operations, threat hunting, and incident analysis, along with the ability to translate findings into actionable security improvements.
This is an opportunity to work on high‑impact cyber missions in a collaborative, fast‑paced environment.
- Conduct proactive threat hunts across endpoint, network, cloud, and log data to identify malicious activity, anomalous behavior, and indicators of compromise.
- Analyze security telemetry, alerts, and artifacts to investigate threats and support detection, containment, and remediation activities.
- Develop hunt hypotheses based on threat intelligence, adversary tactics, techniques, and procedures, and documented attack patterns.
- Partner with security operations, incident response, and engineering teams to improve detections, close visibility gaps, and strengthen defensive capabilities.
- Document hunt methodologies, findings, and recommendations, and communicate results to technical stakeholders and team leadership.
- Ability to work independently and collaborate as part of a team.
- Effective written and verbal communication skills.
- Meticulous attention to detail and quality of work product.
- Ability to build and sustain professional relationships.
- Ability to lead projects or work streams.
- Ability to manage and prioritize multiple tasks in a fast‑paced and dynamic environment.
- Strong interpersonal skills and professional demeanor.
- Ability to meet deadlines.
- Ability to provide clear guidance to others.
Deloitte’s Cyber Defense & Resilience team helps clients identify, investigate, and respond to evolving cyber threats across mission‑critical environments. The team brings together threat hunters, incident responders, analysts, and cyber specialists to strengthen detection capabilities and improve operational resilience.
Qualifications
Required
- Bachelor’s degree in computer science, cybersecurity, information technology, engineering, or a related technical field.
- 3+ years of experience in threat hunting, security operations, detection engineering, or incident response.
- 3+ years of experience with security information and event management platforms, endpoint detection and response platforms, and network analysis tools.
- 2+ years of experience analyzing endpoint, network, cloud, and log telemetry to identify suspicious or malicious activity.
- 2+ years of experience mapping adversary behavior to MITRE ATT&CK and documenting hunt findings and recommendations.
- Ability to travel 20% based on client needs.
- Ability to obtain and maintain necessary clearance.
- Certifications such as CISSP, GIAC Incident Handler, or GIAC Forensic Analyst are preferred.
- Must be legally authorized to work in the United States without employer sponsorship.
- 1+ years of experience supporting government or public sector cybersecurity environments.
- 2+ years of experience creating or tuning detection logic, analytic rules, or hunt queries.
- 2+ years of experience with digital forensics or malware analysis.
- Experience with cloud security monitoring in AWS or Azure environments.
- Experience using Python, PowerShell, or SQL for analysis or automation.
The wage range for this role is $107,925 to $188,900, adjusted for factors such as skill set, experience, certifications, and business needs.
Benefits
You may be eligible to participate in a discretionary annual incentive program, subject to the program rules.
Accommodations
Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at
Equal Employment Opportunity
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Location
Arlington/Rosslyn, Virginia, United States;
Baltimore, Maryland, United States;
Washington, District of Columbia, United States
355314