Cyber Threat Hunter

About you and this role

Dow has an exciting opportunity for a Cyber Threat Hunter located in Midland, MI
.

As a Cyber Threat Hunter, you will serve as a proactive defender within the Cybersecurity Operations Center (CSOC), reporting to the CSOC Operations Leader. On top of day-to-day investigations and incident response, this position focuses on hypothesis‑driven hunting to uncover advanced threats that evade automated detection. You will lead threat‑hunting initiatives, collaborate with the Dow red team to emulate adversary tactics, and act as a focal point for advanced detection strategies across the team.

Your mission is to anticipate, identify, and neutralize sophisticated adversaries by leveraging threat intelligence, behavioral analytics, and forensic techniques. This role demands curiosity, creativity, and technical depth to stay ahead of evolving attack methodologies.

• Handles escalations and determines response actions for cybersecurity incidents
• Collects threat intelligence and converts it to actionable content
• Participates in table‑top exercises, ethical hacking, and cyber‑range training
• Lead hypothesis‑driven hunts based on MITRE ATT&CK and emerging TTPs
• Perform deep‑dive analysis of network traffic, endpoint telemetry, and identity logs to uncover and analyze adversarial behaviors
• Develop and refine detection logic for SIEM and EDR platforms
• Collaborate with threat intelligence teams to operationalize indicators of compromise (IOCs) and adversary emulation plans
• Construct adversary emulation scenarios to validate detection coverage and identify gaps
• Document hunt methodologies and findings to strengthen organizational resilience and inform future hunts

• A minimum of a bachelor’s degree or relevant military experience at or above a U.S. E5 ranking or Canadian Petty Officer 2nd Class or Sergeant or a minimum of 3 total years of relevant IT experience in lieu of a Bachelor's degree.
• A minimum of 2 years experience with Cybersecurity
• Able to be available for on‑call rotation as needed
• A minimum requirement for this U.S.
  
  -based position is the ability to work legally in the United States. No visa sponsorship/support is available for this position

• Strong understanding of adversary tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK, Cyber Kill Chain, and PEAK Threat Hunting Framework
• Experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms; ability to write custom detection rules and queries
• Familiarity with memory forensics, malware analysis, and reverse engineering concepts
• Ability to develop hypotheses and conduct hunts without relying on pre-existing alerts
• Comfortable presenting technical findings to both technical and executive audiences
• Familiarity with OT concepts and adversarial threats.

• Cyber Threat Hunting – Proactively searching for advanced threats that evade automated detection by leveraging hypothesis‑driven techniques, threat intelligence, and behavioral analytics.
• Adversary Tactics & Framework Knowledge – Deep understanding of TTPs and frameworks like MITRE ATT&CK, Cyber Kill Chain, and PEAK to anticipate and counter sophisticated attacks.
• Incident Response & Forensic Analysis – Handling cybersecurity investigations and performing deep‑dive analysis of network traffic, endpoint telemetry, and identity logs to uncover adversarial behaviors.
• Detection Logic Crafting
  – Developing and refining detection logic for SIEM and EDR platforms, including writing custom rules and queries to improve threat visibility.
• Collaborative Communication – Effectively partnering with the Dow red team, threat intelligence team, and presenting technical findings to both technical and executive audiences.

GCTI (GIAC Cyber Threat Intelligence), GCFA (GIAC Forensic Analyst), CompTIA CySA+, or Certified Cyber Threat Hunting Professional (CCTHP)

This position does not offer relocation assistance.

We invest in you.

Dow invests in total rewards programs to help you manage all aspects of you: your pay, your health, your life, your future, and your…