Security Specialist, Threat Hunter
Listed on 2026-02-16
IT/Tech
Cybersecurity
About Us
One team. Global challenges. Infinite opportunities. At Viasat, we’re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.
What You'll Do
As a Cyber Threat Hunter with a focus on Cyber Threat Intelligence (CTI), you will play a critical, proactive role in safeguarding our organization from advanced threats that evade traditional security defenses. You will bridge the gap between reactive incident response and preventative security engineering, using intelligence-driven methodologies to hunt down adversaries in our environment before they can cause harm.
Your mission is to:
- Proactively Hunt: Execute hypothesis-driven threat hunts across the network, endpoints, and cloud environments to uncover hidden, anomalous, or malicious activity that could bypass controls
- Leverage Intelligence: Integrate Cyber Threat Intelligence (CTI) from tactical, operational, and strategic sources to inform hunting hypotheses, prioritize investigations, and enrich security tooling
- Support Incident Response: Collaborate on threat intelligence driven incidents by providing hunting and CTI enrichment support
- Improve Posture: Prioritize vulnerabilities and security gaps based on threat actor exploitation trends identified via CTI and hunting campaigns, directly feeding into the vulnerability management and security engineering programs
- Advance Detection: Coordinate with detection engineers to develop new detections, composite rules, and dashboards based on discovered threat Tactics, Techniques, and Procedures (TTPs) to enhance the security team's overall capability
- TIP and SIEM Enrichment: Lead the lifecycle of threat intelligence within the Threat Intelligence Platform (TIP), ensuring timely maintenance, accurate expiration policies, reduction in false positive rates, and continuous enrichment of Indicators of Compromise (IOCs) and TTPs to improve contextualization and prioritization of alerts in the Security Information and Event Management (SIEM) system
- External Threat Monitoring: Maintain continuous tracking and monitoring of external threat surfaces, including dark web forums, leak sites, and underground marketplaces, focusing on brand protection, supply chain risks, and the identification of organizational asset management risks
- 5+ years' experience threat hunting
- 2+ years' experience with the Incident Response lifecycle (Preparation, Detection & Analysis, Containment, Eradication & Recovery, Post-Incident Activity) and the ability to lead the technical aspects of an investigation
- Demonstrable ability to source, analyze, and apply CTI to hunting for adversary TTPs
- Provide expert-level knowledge and practical experience with SIEM, TIP, and Endpoint and Network Detection & Response (E/NDR) tools for data querying and analysis
- Experience prioritizing vulnerabilities, Common Vulnerabilities and Exposures (CVEs), in a vulnerability management program based on CTI feeds and evidence of active exploitation (e.g., applying the CISA Known Exploited Vulnerabilities (KEV) catalog)
- Solid understanding of operating system internals (Windows, macOS, Linux), cloud infrastructure, common network protocols, or the ability to analyze endpoint and network artifacts (e.g., packet captures, memory dumps, system logs)
- US Citizenship required
- Active DoD Secret Clearance or have held one in the last two (2) years
- Ability to travel up to 10%
- Demonstrated…