Senior Threat Hunter (US)

Fairfax, Virginia, United States | Threat Intelligence | Full-time | Fully remote

Apply by: July 24, 2025

As a Senior Threat Hunter, you’ll be accountable for driving innovation across our cyber threat intelligence (CTI) functions, using your technical aptitude for creative problem solving and research. Your expertise and methodology will contribute to a high-performing team. You’ll be part of a fast-moving, growing, and evolving company, and you’ll work directly alongside the Product Director to drive technological advancement towards strategic objectives.

The Senior Threat Hunter is responsible for delivering high-quality, actionable CTI related to phishing and other cyber incident response. Notable phishing campaigns are captured, detected, and investigated in a timely manner, and polished threat intelligence reports are shared with customers or internal stakeholders. The Senior Threat Hunter serves as a subject matter expert in cyber threat intelligence and supports WMC Global in its strategic directives, deploying deep anti-phishing expertise to solve complex technical projects. The Senior Threat Hunter will be a technical point of contact for multiple customer engagements and will support both the Business Development and Customer Success teams on external touchpoints. The Senior Threat Hunter will be proactive in their approach to problem solving and self-motivated in taskings and in lead generation of phishing campaigns.

This position is fully remote, based in the United States, and may require up to 5% domestic or international travel. This is a full-time, exempt position.   

 

ESSENTIAL JOB FUNCTIONS: 

  • Perform proactive and product-aware threat hunting, conducting continuous, hypothesis-driven threat hunting using WMC Global’s set of proprietary CTI tools as well as external tools and intelligence gathered through OSINT and closed channel practices 

  • Conduct behavioral analysis enriched by IOCs and TTPs to map threat actor activity and perform attribution

  • Leverage and enrich threat intelligence to inform hunting hypotheses and identify emerging adversarial TTPs aligned with MITRE ATT&CK and other industry-recognized frameworks 

  • Package and present threat intelligence reports and briefings for technical, operational, and executive audiences both internally and externally 

  • Partner with Software Development teams to fine-tune detection rules and algorithms based on hunt findings and false positive analysis

  • Design and implement automated pipelines to enrich, analyze, and store CTI artifacts using Python, SQLite, Redis, and custom API integrations 

  • Identify customer targets and potential incidents, escalating and supporting triage of findings with clear, actionable intelligence and risk mitigation in collaboration with Customer Success and Operations 

  • Tune product roadmap in collaboration with product and technical teams through feedback on tooling capabilities, user experience, and data coverage 

  • Operationalize CTI, with the support of the product team, by driving correlation logic

  • Support Threat Hunting-as-a-Service (THaaS) and consulting services contracts, driving value obtained through CTI insights to map threat landscapes for WMC Global’s customer base 

  • Collaborate with Operations incident response teams to share intelligence and ensure maximum disruption of malicious activities across WMC Global customers 

  • Record and share feedback with the project management team to drive improvements in systems, software, and procedure 

  • Document threat hunting methodologies, processes, and findings 

  • Identify opportunities for continuous improvement and learning, keeping current with threat hunting tools, techniques, and best practices and maintaining a working knowledge of the evolving threat landscape 

  • Showcase WMC Global CTI through marketing content collaborations, including blogs, white papers, press releases, etc. 

  • Establish subject matter expertise on phishing kit analysis and exfiltration of compromised credentials 

  • Perform periodic reanalysis of phishing kits and infrastructure to extract new IOCs and track threat actor evolution 

  • Coordinate cross-functionally to iteratively improve detection and reporting 

  • Maintain expert knowledge of TTPs deployed by advanced persistent threats (APTs) 

  • Develop attack detection guidance and response playbooks, counter-measure definitions, and strategies to mitigate emerging threats for internal and external consumption 

  • Uphold corporate SOPs, ensuring established processes and procedures are followed 

  • Foster a spirit of teamwork that strives for cohesive, high-quality performance and innovative problem solving 

 

JOB COMPETENCIES/SKILL REQUIREMENTS/QUALIFICATIONS: 

  • Critical thinker with demonstrated business and technical acumen 

  • 5+ year(s) in a technical role in relevant cybersecurity area of expertise (e.g., SOC, CTI experience) 

  • 3+ year(s) relevant threat intelligence or threat hunting experience 

  • Experience with SMB technology companies is strongly preferred 

  • Experience with the following tech stack required: 

    • Amazon AWS, specifically the CLI, EC2, and S3 buckets

    • Elasticsearch

    • Python 

    • Web scraping and automation libraries 

    • SQL 

    • Splunk 

    • YARA rules 

    • Passive DNS tools 

    • Regular Expressions (regex) 

    • GitHub, CI/CD 

  • Experience in efficiently supporting day-to-day functions in M365, Atlassian Products (Jira and Confluence), and Splunk 

  • Experience with Linux operating systems (CLI, TMUX) 

  • Strong Computer Networking knowledge 

  • Strong command of API systems 

  • Strong organization and time- and self-management skills 

    • Sound analytical and problem-solving skills, with strong attention to detail 

    • Personal accountability is essential 

    • Strong adherence to process and change management controls 

    • Adaptable and able to manage multiple priorities simultaneously 

    • Validated success working in a remote fast-paced, team-oriented environment 

    • Comfort with information exchange, asking questions, and seeking feedback and constructive criticism 

  • Self-motivated and highly driven to succeed, with the initiative to find, detect, categorize, and disrupt the latest phishing threats

  • Ability to communicate independently in a structured, concise format

    • Crisp verbal and written presentation skills  

    • Strong command of the English language and ability to deliver polished finished intelligence

  • Passion for technology and consumer/brand protection 

    • Deep understanding of cybersecurity, including threat intelligence platforms, data analytics, and industry frameworks (MITRE ATT&CK, SOC 2 Type 2, ISO 27001, NIST) 

    • Strict adherence to secure-by-design development principles and data protection standards 

    • Basic understanding of Agile and Scrum methodologies 

  • Sustained demonstration of integrity and discretion in handling confidential or sensitive information 

  • Adherence to and respect for WMC Global’s values, which form the bedrock of all our business dealings 

 

EDUCATION/TRAINING: 

  • Bachelor’s degree in Cybersecurity or related field required 

  • Relevant cybersecurity certifications a plus

  • PMP and/or Six Sigma certification a plus