The Threat Hunting Lead role at a leading financial institution involves spearheading proactive threat hunts across on-prem and cloud environments, including Active Directory/Entra, M365, Azure, AWS, endpoints, identity, network, and application telemetry. This senior technical position requires developing hunt hypotheses based on emerging threats and internal incident learnings, executing advanced investigations using Splunk SPL and Microsoft KQL, and operationalizing outcomes to enhance enterprise detection and response readiness. The role also entails partnering with Cyber Threat Intelligence and Detection Engineering teams to improve defensive strategies and driving visibility improvements by addressing telemetry gaps. Key responsibilities include providing technical leadership to threat hunting staff and communicating findings effectively to stakeholders. Ideal candidates have 5+ years of experience in cyber threat hunting, incident response, or security operations, proficiency with SIEM/XDR platforms like Splunk and Microsoft KQL, and a strong understanding of adversarial frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
Lead complex threat hunts across on-prem and cloud environments, including hypothesis development and telemetry validation.
Execute advanced investigations using SIEM/XDR platforms like Splunk SPL and Microsoft KQL to identify suspicious patterns.
Operationalize hunt findings by developing candidate detections and prioritizing telemetry gaps for defensive improvements.
Partner with Cyber Threat Intelligence to convert intelligence into specific hunting plans and measurable coverage.
Provide technical leadership and coaching to threat hunting staff, promoting repeatable methodologies and documentation standards.
What we're looking for
5+ years of experience in cyber threat hunting or related security operations in large enterprises.
Expertise conducting investigations across endpoint, identity, network, and cloud telemetry.
Proficiency with SIEM/XDR platforms and advanced query languages like Splunk SPL and Microsoft KQL.
In-depth knowledge of attacker tradecraft and adversarial frameworks such as MITRE ATT&CK.
Experience designing or enhancing threat hunting programs including workflows, metrics, and reporting.
Hold relevant industry certifications in cybersecurity, such as GIAC, CompTIA CySA+, or Microsoft SC-200.
Market check
Salary context
Competitive pay
How this pay compares to similar roles
Similar $167k
This role $164k
$114k
most similar roles pay here
$214k
This role pays more than
54%
of similar roles. Most pay
$142,400–$190,725
— the shaded band above.
At the midpoint, this role pays about
$164k
versus about
$167k
for comparable roles.
Based on 239 similar postings.
Employer
About Prudential Financial
Prudential Financial is a global financial services leader and premier active global investment manager.
Prudential Financial currently has
29 open roles
on FindRole.
Listed pay typically runs
$124,350–$204,100
across 28 roles with salary data.
PowerPoint
Microsoft Office Suite
SharePoint Online
Adobe Creative Suite
Project Management Tools
Cybersecurity Platforms
CI/CD
Cloud Services
Databases
Python
JavaScript
HTML
CSS
Web Content Management Systems
Digital Design Software
Collaboration Tools
Terraform
AWS
Kubernetes