Senior Adversary Pursuit Engineer

Flock
$140,000 - $175,000 | Remote

About The Position

We are looking for a Senior Adversary Pursuit Engineer. As someone with over 5 years of cybersecurity experience, at least 3 of those years in the trenches focused on DFIR/threat hunting, you will focus on developing and executing functions within Flock’s Adversary Pursuit program. You will help architect and execute threat hunts, technical cybersecurity exercises, and tactical threat intelligence collection, looking for opportunities to improve each of these areas. You’ll work closely with our Offensive Security team to ensure a high level of efficacy in our ability to detect threats, and assist the Security Operations team with improvements to our response capabilities. This is a critical role that will be responsible for developing new methods to search for and detect threats across a rapidly scaling, high-value public-private safety network. You will assist with defining and executing hunts, determining and prioritizing visibility and detection gaps, and, when necessary, assisting with response operations across thousands of deployed hardware devices, extensive cloud infrastructure, and core business applications. You will help create technical exercises against Flock’s full technology stack (hardware, software, cloud, network) to increase preparedness and readiness. This role reports to the Director, Incident Response and Adversary Pursuit. Success in this role will be measured by the development and execution of our threat hunt capabilities, our ability and effectiveness in detecting prioritized threats, and improved readiness to respond (through metrics such as mean time to detect, MTTD).

Requirements

  • Over 5 years of cybersecurity experience
  • At least 3 years focused on DFIR/Threat Hunts
  • Experience with performing DFIR on Android IoT devices.
  • Deep experience utilizing enterprise security tooling (SIEM, EDR, etc.) as well as developing proprietary tools/scripts to scale the team’s capabilities.
  • Experience utilizing sandboxing technology to aid in the analysis of suspicious binaries and scripts
  • Hands-on work integrating security automation tools (Torq, Tines, SIEM native, etc.) and AI tooling (LLMs, agentic workflows) to accelerate security operations
  • Map findings to the MITRE ATT&CK framework
  • Well versed in using cyber threat intelligence to update requirements, prioritize collection sources and integrate technical TTPs to inform and prioritize hunts.
  • Create and tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma)
  • Assist with the development of technical tabletop exercises
  • Collaborate with Cybersecurity, Engineering, and Product teams
  • Work closely with the Offensive Security team
  • Serve as a Tier 3 escalation point for SOC analysts
  • Ability to obtain and maintain Criminal Justice Information Services (CJIS) certification as a condition of employment.
  • Meet all FBI CJIS Security Policy requirements, including a fingerprint-based background check.

Nice To Haves

  • Hands-on reverse engineering experience

Responsibilities

  • Mold the long-term threat hunting roadmap, including strategy, data ingestion requirements, and coverage metrics.
  • Help design, execute, and see complex threat hunting campaigns through to completion, taking ownership of specific threat verticals (e.g., cloud environments, specific APT groups).
  • Serve as a technical mentor for junior and mid-level engineers. Review their technical work, provide constructive feedback on methodologies, and elevate the team's overall technical baseline.
  • Extensive technical expertise in performing DFIR and adversary threat hunts, across diverse environments (corporate systems, cloud - AWS/GCP/Azure, and operational technology networks).
  • Experience with performing DFIR on Android IoT devices.
  • Deep experience utilizing enterprise security tooling (SIEM, EDR, etc.) as well as developing proprietary tools/scripts to scale the team’s capabilities.
  • Experience utilizing sandboxing technology to aid in the analysis of suspicious binaries and scripts; hands-on reverse engineering experience a plus.
  • Hands-on work integrating security automation tools (Torq, Tines, SIEM native, etc.) and AI tooling (LLMs, agentic workflows) to accelerate security operations
  • Map findings to the MITRE ATT&CK framework to identify coverage gaps and improve detection posture.
  • Well versed in using cyber threat intelligence to update requirements, prioritize collection sources and integrate technical TTPs to inform and prioritize hunts.
  • Create and tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma) based on hunt findings to prevent future recurrence.
  • Assist with the development of technical tabletop exercises, ensuring scenarios are applicable to the organization’s risk profile and aligned to real-world cyber events.
  • Collaborate with Cybersecurity, Engineering, and Product teams to help plan and execute threat hunts, providing detailed findings and data-backed recommendations for cybersecurity and architectural improvements.
  • Work closely with the Offensive Security team to help perform regular testing and validation of custom detection rules.
  • Serve as a Tier 3 escalation point for SOC analysts; perform deep-dive root cause analysis on complex security incidents.

Benefits

  • Flexible PTO
  • 11 company holidays
  • Fully paid health benefits plan for employees, including Medical, Dental, and Vision
  • HSA match
  • 12 weeks of 100% paid parental leave
  • Additional 6-8 weeks of physical recovery time for birthing parents
  • Fertility & Family Benefits through Maven with a $50,000 lifetime maximum benefit for eligible adoption, surrogacy, or fertility expenses
  • Spring Health for mental health benefits, including therapy, coaching, medication management, and digital tools
  • Caregiver support through Cariloop
  • Carta Tax Advisor for 1:1 sessions with Equity Tax Advisors
  • $150 per month WFH Stipend
  • $300 per year Productivity Stipend
  • $750 one-time Home Office Stipend

© 2026 Teal Labs, Inc