Cyber Threat Intelligence Hunter

Responsibilities

• Conduct proactive threat hunts to identify suspicious activity and malicious patterns before escalation
• Analyze threat intelligence, attacker TTPs, and emerging techniques to develop advanced detection content
• Review and correlate logs from firewalls, hosts, EDR, IDS/IPS, and other internal sources
• Develop custom SIEM and IDS rules/signatures to strengthen enterprise detection capabilities
• Perform incident handling tasks including triage, response, documentation, and lessons learned
• Use EDR platforms to investigate alerts, anomalies, and malicious activity
• Mentor SOC analysts and guide team members in tactical security practices
• Build dashboards, alerts, and monitoring content within SIEM and other security tools

Requirements

• Active DoD TS/SCI clearance
• Current DoD 8140-compliant security certification
• 6+ years of cybersecurity experience
• Experience with Endpoint Detection and Response (EDR) platforms
• Experience leading incident response engagements
• Strong understanding of security controls across Endpoint, Cloud, SaaS, and Identity
• Ability to analyze logs from Network/Host, EDR, Firewall, IDS/IPS, and Cloud sources

Preferred Qualifications

• Bachelor’s degree in IT, CIS, Cybersecurity, or a related field
• Certifications such as CySA+, CASP+, or CISSP
• Familiarity with MITRE ATT&CK and other security frameworks
• Experience with Security Onion
• Hands-on experience with DLP, SIEM, forensic/malware analysis, and cloud security tools

Benefits

• Competitive compensation
• Health and Wellness programs
• Income Protection
• Paid Leave and Retirement

About the Company

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, Leidos employs 47,000 global employees dedicated to solving the world's most complex challenges.