Cyber Threat Intelligence Hunter

Description

Leidos is seeking a Cyber Threat Hunter to join a missioncritical cybersecurity team dedicated to staying ahead of sophisticated adversaries. In this role, you'll proactively hunt for malicious activity, analyze emerging attacker tactics, and transform intelligence into actionable defensive improvements that protect highvalue assets. If you thrive on uncovering the unknown, analyzing complex threat patterns, and strengthening enterprisewide defenses, this is where your expertise will shine.

You'll work closely with SOC analysts, incident responders, and security engineers to elevate detection capabilities, guide investigations, and mentor others in advanced threathunting tradecraft.

As a Cyber Threat Hunter, you'll lead proactive detection efforts, analyze threat intelligence, and develop advanced detection content to stay ahead of evolving threats.

• Conducting proactive threat hunts to identify suspicious activity before it escalates

• Applying critical thinking to analyze threat intelligence, attacker TTPs, and emerging techniques

• Reviewing and correlating logs from firewalls, hosts, EDR, IDS/IPS, and other internal sources

• Responding to RFIs and conducting scoped investigations using all available tools

• Leveraging strong knowledge of security controls across Endpoint, Cloud, SaaS, and Identity

• Using EDR platforms to investigate alerts, anomalies, and malicious activity

• Developing custom SIEM and IDS rules/signatures to strengthen detection capabilities

• Performing incident handling tasks including triage, response, documentation, and lessons learned

• Educating customers on threats and advising on best practices

• Analyzing ongoing attacks such as phishing, DDoS, ransomware, and data leakage

• Tracking and engaging with threat actors across the clear, deep, and dark web

• Serving as a subjectmatter expert in threat intelligence and advanced detection

• Building dashboards, alerts, and monitoring content within SIEM and other security tools

• Continuously optimizing detection content to support SOC operations

• Creating and maintaining technical documentation, detection strategies, and monitoring processes

• Identifying detection gaps and recommending improvements

• Mentoring SOC analysts and guiding team members in tactical security practices

• Developing strategies for incident handling and coordinating responses to security breaches

You bring deep analytical skills, handson threathunting experience, and the ability to lead investigations in complex environments.

• Active DoD TS/SCI clearance

• Current DoD 8140compliant security certification; ability to obtain CE certification within 6 months

• Bachelor's degree and 6+ years of cybersecurity experience (or equivalent experience/certifications)

• Experience with Endpoint Detection and Response (EDR) platforms

• Strong understanding of security controls across Endpoint, Cloud, SaaS, and Identity

• Background in analyzing alerts and identifying anomalous or malicious activity

• Experience developing detection content and understanding content lifecycle management

• Ability to analyze logs from Network/Host, EDR, Firewall, IDS/IPS, and Cloud sources

• Experience leading incident response engagements

• Knowledge of security architectures, firewalls, vulnerabilities, and system/application threats

• Strong communication skills for presenting findings to stakeholders

• Ability to travel as required

• Proven, wellrounded experience in information security

These skills will help you stand out:

• Bachelor's degree in IT, CIS, Cybersecurity, or related field

• Certifications such as CySA+, CASP+, CISSP, or equivalent

• Familiarity with MITRE ATT&CK and other security frameworks

• Experience with Security Onion

• Handson experience with tools such as EDR, Firewalls, IDS/IPS, DLP, SIEM, forensic/malware analysis, and cloud security tools

• Strong analytical, problemsolving, communication, and project management skills

As a Cyber Threat Hunter, you are the frontline defender against advanced adversaries. Your work uncovers hidden threats, strengthens detection capabilities, and ensures the organization stays ahead of evolving cyber risks. This is your opportunity to lead, innovate, and make a measurable impact on mission security.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

#Featuredjob