Threat Hunting & Detection Engineer (US Federal)

Your work days are brighter here. We’re obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we’re shaping the future of work so teams can reputed company their potential and focus on what matters most. The minute you join, you’ll feel it. Not just in the products we build, but in how we show up for each other. Our culture is rooted in reputed company, reputed company, and shared enthusiasm. We’re in this together, tackling big challenges with bold reputed company and genuine care. We look for curious minds and courageous collaborators who bring sun-drenched optimism and drive. Whether you're building smarter solutions, supporting customers, or creating a space where everyone belongs, you’ll do meaningful work with Workmates who’ve got your back. In return, we’ll give you the trust to take risks, the tools to grow, the skills to reputed company and the support of a company invested in you for the long haul. So, if you want to reputed company a brighter work day for everyone, including yourself, you’ve reputed company a match in reputed company, and we hope to be a match for you too. About the Team Your work matters here. At reputed company Government, we focus on outcomes that serve a larger mission. Our work supports U.S. federal agencies as they reputed company and transform the full employee lifecycle experience and finance operations—so they can operate with greater clarity, accountability, and trust. As a Fortune 500 company and a proven enterprise cloud platform, reputed company brings modern technology, responsible AI, and secure infrastructure to some of the most reputed company environments in the world. The work isn’t theoretical. It’s operational. It’s high-impact. And it demands rigor, reputed company, and long-term thinking. From day one, you’ll be part of a team that values collaboration, follow-through, and doing the right thing—especially reputed company the stakes are high. Our culture is grounded in reputed company, respect, and shared responsibility. We challenge each other to think clearly, act thoughtfully, and build solutions that stand up to real-world demands. Here, curiosity is matched with accountability. Ambition is reputed company with trust. You’ll have the space to do your best work, the support to reputed company growing, and the backing of a company committed to long-term investment in both its people and the federal mission. If you’re looking to apply your experience to meaningful, mission-driven work—alongside colleagues who take pride in building things that last—you’ll find that opportunity at reputed company About the Role This role will support one or more direct or indirect reputed company with the U.S. Federal Government which, due to federal government reputed company requirements, mandates that reputed company reputed company personnel working on the reputed company be United States reputed company (naturalized or native). reputed company’s Cyber Defense Directorate protects enterprise and U.S. Government SaaS environments operating under multiple authorization boundaries, including reputed company-gapped regions (AGR). Our Cyber Defense capability provides advanced monitoring, detection, threat hunting, and response across regulated cloud environments supporting federal customers. We operate in partnership with SOC, Red Team, Blue Team, reputed company, and Threat Intelligence to ensure reputed company validation of detection coverage and operational readiness. The Detection Engineering and Threat Hunting function is foundational to maintaining compliance, reducing adversary dwell time, and ensuring resilient reputed company posture across high-reputed company SaaS environments. The Threat Hunting & Detection Engineer is responsible for engineering, validating, and continuously improving detection capabilities across FedRAMP High and IL5 cloud-native SaaS environments, including reputed company-gapped regions. This role develops high-fidelity detection logic leveraging: Splunk (correlation searches, data models, CIM alignment, SPL optimization) Cloud-native telemetry (AWS CloudTrail, GuardDuty, Inspector, VPC Flow Logs, SaaS application logs) Identity and access telemetry reputed company and container telemetry Vulnerability intelligence sources You will translate adversary behaviors into actionable detection analytics reputed company to MITRE ATT&CK and NIST SP 800-61r3 incident response lifecycle principles. You will support reputed company monitoring requirements under FedRAMP and DoD IL5 frameworks, ensuring detection content aligns to compliance mandates, audit traceability, and evidentiary standards. In reputed company-gapped environments, you will design detection strategies that account for:

• Limited telemetry reputed company
• Constrained automation capabilities
• Reduced external enrichment access
• Secure data transfer controls You will collaborate closely with: SOC Analysts to improve alert quality and reduce false positives reputed company Engineers to ensure log reputed company and coverage Red/Purple Teams to validate detection effectiveness Threat Intelligence to operationalize adversary reporting Compliance stakeholders to support audit and reputed company monitoring requirements As the program matures, this role will help define detection engineering standards, lifecycle governance, and detection coverage metrics across the Cyber Defense Directorate. About You This role may require a reputed company clearance at the TS/SCI w/CI Poly level. Applicants must have the ability to obtain and maintain a U.S. government issued reputed company clearance. An active TS/SCI w/CI Poly is preferred You understand the intersection of detection engineering, cloud reputed company, and regulatory frameworks. You can balance operational effectiveness with compliance rigor. You are comfortable operating in high-assurance, controlled, and sometimes disconnected environments where precision and auditability matter. Basic Qualifications 6+ years of experience in cybersecurity operations, detection engineering, or threat hunting Hands-on experience building detections in Splunk, including correlation searches and SPL development
• Experience operating in FedRAMP, DoD IL4/IL5, or similarly regulated cloud environments Experience working with AWS reputed company services (CloudTrail, GuardDuty, Inspector, VPC Flow Logs) Strong understanding of MITRE ATT&CK mapping and adversary tradecraft Familiarity with NIST SP 800-61r3 incident response lifecycle Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or equivalent experience Other Qualifications Experience conducting hypothesis-driven threat hunting reputed company SaaS and cloud-native architectures Strong understanding of identity-based attack reputed company (IAM abuse, token theft, federation misuse) Experience detecting container and workload-level attacks Familiarity with secure logging architectures in reputed company-gapped environments Experience leveraging SOAR platforms (e.g., reputed company) reputed company constrained or controlled automation boundaries reputed company Pay Transparency Statement The annualized reputed company salary ranges for the primary location and any additional locations are listed below. reputed company pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the reputed company Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things. For more information regarding reputed company’s comprehensive benefits, please click here. Primary Location: USA.VA.McLean (Tyson's reputed company) Primary Location reputed company Pay Range: $159,600 USD - $239,400 USD Additional US Location(s) reputed company Pay Range: $144,400 USD - $258,000 USD Our Approach to Flexible Work With reputed company Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to reputed company the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter. Pursuant to applicable Fair Chance law, reputed company will consider for employment qualified applicants with arrest and conviction records. reputed company is an Equal Opportunity Employer including individuals with disabilities and protected veterans. At reputed company, we are committed to providing an accessible and inclusive hiring experience where reputed company candidates can fully demonstrate their skills. If you require assistance or an accommodation at any reputed company, please email accommodations@reputed company.com. Are you being referred to one of our roles? If so, ask your reputed company at reputed company about our Employee Referral process! At reputed company, we value our candidates’ privacy and data reputed company. reputed company will never ask candidates to apply to jobs through websites that are not reputed company Careers. Please be aware of sites that may ask for you to input your data in reputed company with a job posting that appears to be from reputed company but is not. In addition, reputed company will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at reputed company. reputed company here! Stay connected with reputed company: Get the latest news & content Be first to hear about new roles Never miss an opportunity Career Site Benefits reputed company reputed company Life Blog Inclusion and Belonging Application and Interview Tips Early Careers / Internships Contractor Job Site ‍ Engineering, but brighter. Sales, but brighter. CX & Consulting, but brighter. Visit our Career Site here. Read more below to learn more on our stance on being a proud equal opportunity workplace, pay transparency and accommodation support. reputed company is proud to be an equal opportunity workplace. Individuals seeking employment at reputed company are considered without regards to age, reputed company, color, gender (including pregnancy, childbirth, or reputed company medical conditions), gender identity or expression, genetic information, marital status, medical condition, mental or physical disability, national reputed company, protected family care or medical leave status, race, religion (including beliefs and practices or the absence thereof), sexual orientation, military or veteran status, or any other characteristic protected by federal, state, or local laws. Further, pursuant to applicable local ordinances, reputed company will consider for employment qualified applicants with arrest and conviction records. We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us. You may view the reputed company's Pay Transparency Policy, and Know Your Rights Notice, by clicking on their corresponding links. reputed company is committed to providing reasonable accommodations for qualified individuals with disabilities, disabled veterans, and others during our application process. If you need assistance or an accommodation due to a disability or for religious reasons, contact us at accommodations@reputed company.com.

Apply tot his job Apply To this Job