Cyber Threat Intelligence Hunter

Cyber Threat Hunter – Lead Advanced Threat Detection & Proactive Defense

Leidos is seeking a Cyber Threat Hunter to join a mission‑critical cybersecurity team dedicated to staying ahead of sophisticated adversaries. In this role, you will proactively hunt for malicious activity, analyze emerging attacker tactics, and transform intelligence into actionable defensive improvements that protect high‑value assets. You’ll work closely with SOC analysts, incident responders, and security engineers to elevate detection capabilities, guide investigations, and mentor others in advanced threat‑hunting tradecraft.

• Conduct proactive threat hunts to identify suspicious activity before it escalates.
• Apply critical thinking to analyze threat intelligence, attacker TTPs, and emerging techniques.
• Review and correlate logs from firewalls, hosts, EDR, IDS/IPS, and other internal sources.
• Respond to RFIs and conduct scoped investigations using all available tools.
• Leverage knowledge of security controls across Endpoint, Cloud, SaaS, and Identity.
• Use EDR platforms to investigate alerts, anomalies, and malicious activity.
• Develop custom SIEM and IDS rules/signatures to strengthen detection capabilities.
• Perform incident handling tasks including triage, response, documentation, and lessons learned.
• Educate customers on threats and advise on best practices.
• Analyze ongoing attacks such as phishing, DDoS, ransomware, and data leakage.
• Track and engage with threat actors across the clear, deep, and dark web.
• Serve as a subject‑matter expert in threat intelligence and advanced detection.
• Build dashboards, alerts, and monitoring content within SIEM and other security tools.
• Continuously optimize detection content to support SOC operations.
• Create and maintain technical documentation, detection strategies, and monitoring processes.
• Identify detection gaps and recommend improvements.
• Mentor SOC analysts and guide team members in tactical security practices.
• Develop strategies for incident handling and coordinate responses to security breaches.

• Deep analytical skills, hands‑on threat‑hunting experience, and the ability to lead investigations in complex environments.
• Active DoD TS/SCI clearance.
• Current DoD 8140‑compliant security certification; ability to obtain CE certification within 6 months.
• Bachelor’s degree and 6+ years of cybersecurity experience (or equivalent experience/certifications).
• Experience with Endpoint Detection and Response (EDR) platforms.
• Strong understanding of security controls across Endpoint, Cloud, SaaS, and Identity.
• Background in analyzing alerts and identifying anomalous or malicious activity.
• Experience developing detection content and understanding content lifecycle management.
• Ability to analyze logs from Network/Host, EDR, Firewall, IDS/IPS, and Cloud sources.
• Experience leading incident response engagements.
• Knowledge of security architectures, firewalls, vulnerabilities, and system/application threats.
• Strong communication skills for presenting findings to stakeholders.
• Ability to travel as required.
• Proven, well‑rounded experience in information security.

• Bachelor’s degree in IT, CIS, Cybersecurity, or related field.
• Certifications such as CySA+, CASP+, CISSP, or equivalent.
• Familiarity with MITRE ATT&CK and other security frameworks.
• Experience with Security Onion.
• Hands‑on experience with tools such as EDR, Firewalls, IDS/IPS, DLP, SIEM, forensic/malware analysis, and cloud security tools.
• Strong analytical, problem‑solving, communication, and project management skills.

Pay Range: $ - $. The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered include responsibilities, education, experience, knowledge, skills, and abilities, internal equity, market data, applicable bargaining agreement, and other laws.

Employment benefits include competitive compensation, health and wellness programs, income protection, paid leave, and retirement plans.

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.