HUD - Detection Engineer / Threat Hunter

cFocus Software Incorporated, Washington, DC
Remote

About The Position

cFocus Software seeks a Detection Engineer / Threat Hunter to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
  • 7+ years of experience in threat detection, threat hunting, or SOC operations.
  • Experience with SIEM platforms (e.g., Splunk), EDR tools (e.g., CrowdStrike), and cloud security tools (AWS Security).
  • Strong knowledge of MITRE ATT&CK framework and threat actor tactics, techniques, and procedures (TTPs).

Responsibilities

  • Design, develop, and maintain threat detection use cases, analytics, and correlation rules within SIEM/SOAR platforms (e.g., Splunk).
  • Perform proactive threat hunting across network, endpoint, and cloud environments to identify advanced persistent threats and anomalous behavior.
  • Analyze logs, alerts, and telemetry from multiple sources (EDR, IDS/IPS, cloud, applications) to detect malicious activity.
  • Leverage threat intelligence (CISA, MITRE ATT&CK, vendor feeds) to enhance detection logic and hunting strategies.
  • Continuously improve detection coverage and reduce false positives through tuning and automation.
  • Develop and execute threat hunting hypotheses based on emerging threats and intelligence.
  • Collaborate with incident response teams to investigate and contain security incidents.
  • Build and maintain detection playbooks and automation workflows.
  • Support development of advanced analytics and behavioral detection models.
  • Conduct root cause analysis of incidents and recommend security improvements.
  • Participate in continuous monitoring and SOC operations supporting a 24/7/365 mission.
  • Perform gap analysis of detection capabilities and recommend improvements.
  • Support log aggregation, enrichment, and normalization for improved detection fidelity.
  • Create dashboards and reporting to communicate threat posture and detection effectiveness.
  • Contribute to security architecture improvements and tool optimization.
© 2024 Teal Labs, Inc