Advanced Threat Hunter

SixGen, Inc.
Alexandria, VA
$100,000 - $155,000
Remote

About The Position

The Advanced Threat Hunter is responsible for proactively identifying, investigating, and disrupting advanced cyber threats before they impact enterprise operations. This role conducts continuous threat hunting activities across enterprise environments, leveraging endpoint, network, cloud, and security telemetry to identify adversary tactics, techniques, and procedures (TTPs) that evade traditional security controls. The ideal candidate possesses extensive experience in threat hunting, detection engineering, incident investigation, and adversary emulation. This individual develops hunt hypotheses, creates and refines detection analytics, and collaborates closely with Threat Intelligence, Security Operations, Incident Response, and Security Engineering teams. A key responsibility of this role is producing technical findings, indicators, and contextual analysis that inform enterprise threat intelligence reporting and improve the organization's overall detection capabilities.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, or a related field.
  • 5+ years of experience in Threat Hunting, Security Operations, Incident Response, Detection Engineering, or Digital Forensics.
  • Demonstrated experience conducting proactive threat hunting within enterprise environments.
  • Strong understanding of adversary tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK Framework.
  • Experience developing hunt hypotheses and conducting hypothesis-driven investigations.
  • Experience with endpoint detection and response (EDR), SIEM platforms, network monitoring, cloud security monitoring, and log analysis.
  • Experience creating detection rules, behavioral analytics, and investigative queries.
  • Strong understanding of Windows, Linux, Active Directory, networking, authentication, and cloud technologies.
  • Experience analyzing malware behavior and advanced attack techniques.
  • Excellent analytical, investigative, and technical documentation skills.

Nice To Haves

  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Continuous Monitoring Certification (GMON)
  • Certified Information Systems Security Professional (CISSP)
  • Experience supporting federal cybersecurity operations.
  • Experience using Microsoft Defender XDR, Microsoft Sentinel, Splunk, CrowdStrike Falcon, Elastic, or similar enterprise security platforms.
  • Familiarity with AI-assisted security operations and automated threat hunting capabilities.
  • Experience with scripting languages such as PowerShell or Python to support hunt automation and analysis.

Responsibilities

  • Conduct continuous, intelligence-driven threat hunting activities across enterprise networks, endpoints, cloud environments, and security platforms.
  • Develop hunt hypotheses based on emerging threats, threat intelligence, adversary behaviors, and organizational risk.
  • Identify advanced persistent threats (APTs), insider threats, malware activity, lateral movement, credential abuse, and other malicious behaviors before they result in security incidents.
  • Continuously adjust hunting priorities based on changes in the threat landscape, emerging vulnerabilities, and organizational priorities.
  • Develop, test, and refine detection logic supporting proactive threat identification.
  • Create and maintain a Threat Hunt Analytics Library containing reusable hunt queries, detection methodologies, and investigative procedures.
  • Improve existing detection capabilities by identifying gaps in security monitoring and recommending enhancements.
  • Collaborate with Security Engineering teams to implement new detections and improve security telemetry coverage.
  • Analyze security telemetry from endpoint, network, cloud, identity, and application security tools to identify suspicious activity.
  • Investigate anomalous behavior using multiple data sources to determine adversary presence and attack progression.
  • Validate findings through technical analysis and document investigative results.
  • Perform root cause analysis and identify opportunities to improve organizational cyber defenses.
  • Partner closely with Cyber Threat Intelligence analysts by providing technical findings, indicators of compromise (IOCs), indicators of attack (IOAs), adversary behaviors, and emerging attack trends.
  • Produce technical intelligence that supports operational reporting, strategic intelligence products, and executive briefings.
  • Assist Threat Intelligence teams in correlating hunt findings with external intelligence sources.
  • Contribute technical context that enhances organizational awareness of emerging cyber threats.
  • Collaborate with Security Operations Center (SOC), Incident Response, Vulnerability Management, and Security Fusion Center teams to rapidly address identified threats.
  • Ensure findings are tracked through remediation and validated upon completion.
  • Identify detection gaps and recommend improvements to security controls, monitoring, and defensive capabilities.
  • Support response activities involving advanced threats and complex cybersecurity investigations.
  • Utilize AI-enabled threat hunting technologies to improve the speed and effectiveness of threat detection and investigation.
  • Evaluate automation opportunities that improve hunt execution, alert triage, and investigative workflows.
  • Research emerging AI-assisted detection methodologies and recommend implementation where appropriate.
  • Leverage machine learning and behavioral analytics to identify previously unknown threats and anomalous activity.

Benefits

  • Competitive salary
  • Employer-paid health insurance premiums (medical, dental, vision)
  • Employer-paid short/long term disability insurance and basic life/AD&D insurance
  • 401K with a 4% employer contribution
  • Professional development reimbursement options available (training, certification, education, etc.)
  • Flexible and remote work policies for most positions
  • Paid Time Off (PTO) at a rate of three (3) weeks plus one (1) day per year of service up to four (4) weeks annually
  • 11 paid holidays per calendar year