Booz Allen Hamilton is seeking a Cyber Threat Hunter to support their Cyber Security Operations Division. The role involves proactively identifying malicious activities and strengthening defensive postures through hypothesis-driven hunts and deep-dive analyses of various data sources.
Support the Cyber Security Operations Division by proactively identifying malicious activity, uncovering hidden threats, and strengthening the organization’s defensive posture
Conduct hypothesis‑driven hunts across enterprise networks, leveraging threat intelligence, adversary TTPs, and behavioral analytics to detect early indicators of compromise
Perform deep‑dive analysis of logs, endpoint telemetry, and network data to validate findings, uncover patterns, and escalate confirmed threats to SOC and IR teams
Contribute to the continuous improvement of detection capabilities by developing new analytics, refining existing logic, and identifying visibility gaps across the environment
Document repeatable workflows, produce high‑quality hunt reports, and brief leadership and mission stakeholders on emerging threats, hunt outcomes, and recommended defensive improvements
Collaborate closely with SOC, IR, CTI, and platform engineering teams to operationalize intelligence, integrate new data sources, and mature the organization’s hunt program
Qualification
Required
2+ years of experience analyzing adversary behaviors, developing hunt hypotheses, and executing structured, hypothesis-driven hunt operations
Experience conducting hunts aligned to MITRE ATT&CK and frameworks, such as Splunk PEAK
Experience leveraging threat intelligence and emerging adversary TTPs to develop hunt hypotheses
Experience performing advanced analytics, log analysis, and forensic triage to support CI and threat investigations
Experience maintaining documentation, including SOPs, analytic development notes, deployment records, and review cycles that provide repeatable and auditable workflows
Ability to translate hunt findings into actionable improvements, such as detection enhancements, visibility recommendations, and updated playbook
Ability to produce hunt reports, brief leadership, and collaborate with SOC and IR teams
Public Trust
Bachelor's degree
Preferred
Experience with Splunk Enterprise, SPL queries, and analytic development
Experience with behavioral analytics, anomaly detection, and statistical or machine learning based hunting techniques
Experience supporting CI investigations or sensitive case forensics
Experience developing or refining hunt playbooks, detection logic, and visibility assessments
Experience conducting program maturity assessments, gap analyses, and roadmap development for hunt program improvement
Knowledge of endpoint detection and response (EDR) tools and telemetry sources used in hunt operations
Knowledge of Zero Trust, identity centric security models, and modern enterprise architecture
Possession of excellent oral and written communication skills
Benefits
Health, life, disability, financial, and retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care
Recognition awards program
Booz Allen Hamilton is a consulting firm that specializes in analytics, technology, and engineering.
Glassdoor
4.2
Founded in 1914
Mclean, Virginia, USA
10001+ employees
http://www.boozallen.com
Booz Allen Hamilton is a consulting firm that specializes in analytics, technology, and engineering.
