Senior Threat Hunter

Peraton•Washington, DC

19d

About The Position

Peraton's Cyber Mission sector is looking for a Sr Threat Hunter to support a SOC. Location: Chandler, AZ or Washington DC. Role and Responsibility: Conduct proactive, intelligence-driven threat hunting to identify malicious activity that evades traditional security controls. Develop and test threat hypotheses based on adversary tactics, techniques, and procedures (TTPs), leveraging frameworks such as MITRE ATT&CK. Analyze endpoint, network, cloud, and log data to detect advanced persistent threats, insider threats, and anomalous behavior. Collaborate with SOC analysts and incident response teams to validate findings and support containment, eradication, and recovery efforts. Create and refine detection logic, queries, signatures, and analytic use cases within SIEM, EDR, and XDR platforms. Lead root cause analysis and post-incident reviews to improve SOC detection and response maturity. Produce high-quality threat intelligence reports, hunt findings, and operational briefings for technical teams and leadership. Mentor junior analysts and contribute to SOC training, playbooks, and continuous improvement initiatives. Maintain situational awareness of emerging threats, vulnerabilities, and adversary campaigns relevant to mission environments.

Requirements

Minimum 8 years experience with a Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. An additional 4 years of relevant experience will be considered in lieu of degree.
Minimum of 5 years of experience in data hunting, data manipulation, and advanced analytical techniques within a SOC, threat hunting, or cyber operations environments.
Demonstrated supervisory or team lead experience, including mentoring analysts and leading hunt or response activities.
Strong working knowledge of MITRE ATT&CK, adversary TTP analysis, and hypothesis-driven threat hunting methodologies.
Hands-on experience with SIEM platforms, security telemetry, and large-scale log analysis.
Proficiency in scripting and query languages, including R, Python, and SQL, to support analytics, automation, and hunt development.
One or more of the following certifications required: CISSP (Associate), CCSP, SSCP, GCIH, GNFA, or GCIA
Must also meet DoD 8570 requirements for CSSP Analyst, CSSP Infrastructure Support, or CSSP Incident Responder
U.S. citizenship required.
Active Secret security clearance required.

Nice To Haves

Top Secret with SCI eligibility security clearance preferred.

Responsibilities

Conduct proactive, intelligence-driven threat hunting to identify malicious activity that evades traditional security controls.
Develop and test threat hypotheses based on adversary tactics, techniques, and procedures (TTPs), leveraging frameworks such as MITRE ATT&CK.
Analyze endpoint, network, cloud, and log data to detect advanced persistent threats, insider threats, and anomalous behavior.
Collaborate with SOC analysts and incident response teams to validate findings and support containment, eradication, and recovery efforts.
Create and refine detection logic, queries, signatures, and analytic use cases within SIEM, EDR, and XDR platforms.
Lead root cause analysis and post-incident reviews to improve SOC detection and response maturity.
Produce high-quality threat intelligence reports, hunt findings, and operational briefings for technical teams and leadership.
Mentor junior analysts and contribute to SOC training, playbooks, and continuous improvement initiatives.
Maintain situational awareness of emerging threats, vulnerabilities, and adversary campaigns relevant to mission environments.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume