Threat Hunter

Come join Deepwatch's team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. - and we have a blast doing it!Who We AreDeepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch's cloud-based security operations platform, Deepwatch provides the industry's fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.Deepwatch recognition includes:2025, 2024, 2023, 2022 and 2021 Great Place to Work Certified2024 Military Times Best for Vets Employers2024 US Department of Labor Hire Vets Gold Award2024 Forbes' America's Best Startup Employers2024 Cyber Defense Magazine, Global Infosec Awards2023 and 2022 Fortress Cybersecurity Award2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners2022 Cybersecurity Excellence Award for MDRThreat HunterDeepwatch is seeking a motivated and analytically driven Junior Threat Hunter to join our Security Operations team. You will work alongside experienced hunters, threat intelligence, threat research and incident responders to identify advanced threats that evade traditional controls. This role offers hands-on exposure to enterprise telemetry, detection engineering, and real-world adversary tradecraft.Key Responsibilities:Assist in proactive, hypothesis-driven threat hunts across endpoint, network, cloud, and identity environments.Analyze telemetry from EDR, SIEM, NDR, email, and identity platforms.Investigate suspicious activity and anomalies to determine malicious vs. benign behavior.Support development and tuning of detection rules and analytics.Leverage the MITRE ATT&CK framework to understand and map adversary techniques.Document hunt findings, methodologies, and lessons learned.Collaborate with SOC and Incident Response teams to escalate validated threats.Contribute to continuous improvement of detection coverage and hunting playbooks.Stay current on emerging threats, malware trends, and attacker techniques.Required Qualifications:4+ years in cybersecurity with at least 2 years in threat hunting, advanced detection engineering, or incident response.Strong experience with EDR platforms (CrowdStrike, Microsoft Defender, SentinelOne, etc.).Proficiency in SIEM platforms (Splunk, Sentinel, Elastic, QRadar, etc.).Experience writing advanced queries (KQL, SPL, SQL, Lucene, etc.).Deep understanding of Windows, Linux, and Active Directory internals.Strong knowledge of Cloud services (AWS, Azure, Google Cloud, etc.)Familiarity with MITRE ATT&CK framework.Experience analyzing process trees, command-line artifacts, persistence mechanisms, and lateral movement.Strong knowledge of networking fundamentals and common attack techniques.Ability to independently conduct investigations from hypothesis to conclusion.Strong written and verbal communication skills.Preferred QualificationsKnowledge of identity-based attacks (OAuth abuse, token theft, Kerberos abuse).Experience with scripting (Python, PowerShell, Bash).Background in detection engineering or purple teaming.Industry certifications such as GCFA, GCIA, GCIH, GCED, CISSP, or similar.Experience working in an MDR or MSSP environment.What Success Looks Like in This Role:Identifies previously undetected threats and improves overall detection posture.Develops repeatable, scalable hunting methodologies.Enhances detection content based on hunt findings.Communicates findings clearly to both technical and executive stakeholders.Contributes meaningfully to continuous improvement of security operations.Statutory Pay DisclosureThe anticipated salary range for this role is $94,500 - $118,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.ITAR ComplianceThis position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:A citizen of the U.S.;A lawful permanent resident of the United States;A person admitted to the United States as a refugee; orA person that has been granted asylum by the United States government.The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.What We Offer:Deepwatch is excited to provide benefits designed to support team members and their families. Including:Medical, dental, vision, and disability insuranceFlexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental LeaveUnique professional development benefits with Annual "development dollars" to support our people growth and developmentWellness contests and monthly educational programs401(K) retirement programLearn more here: Deepwatch BenefitsWe know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don't hesitate to apply - we'd love to hear from you. Please review our DEI Statement here.Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information.All Deepwatch employees are expected to:Be interested in and able to work remotely from a home office when not at a corporate officePass a pre-employment background check in accordance with applicable lawsDeepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.