OT Threat Hunt Analyst

Booz Allen Hamilton

Actively hiring
Lakewood, CO · Posted 21 days ago · $99,000–$225,000 / year

At a glance

AI generated

TL;DR

Join a high-impact team as an OT Threat Hunt Analyst, where you will lead sophisticated threat hunting operations to identify and disrupt advanced threats targeting critical infrastructure. This role involves transforming emerging intelligence into actionable missions, engineering novel collection capabilities, and collaborating with system owners and engineers to design innovative approaches in environments with limited telemetry. You must have 8+ years of experience in cyber operations, including proactive threat hunts and mapping activity to frameworks like MITRE ATT&CK. Proficiency in SIEM or EDR platforms, analyzing endpoint data, and translating intelligence into actionable plans is essential. Knowledge of OT protocols and scripting languages such as Python or PowerShell for custom tooling is a plus. This role demands creativity, technical depth, and the ability to operate effectively in ambiguous, high-stakes environments.

Skills

SIEM, MITRE ATT&CK, Python, PowerShell, AWS, Azure, Kubernetes, Modbus, DNP3, memory forensics, malware analysis, reverse engineering, CI/CD

What you'll do

  • Lead and execute sophisticated threat hunting operations to identify advanced threats.
  • Transform emerging intelligence into actionable hunt missions for critical infrastructure.
  • Engineer novel collection capabilities in environments with limited telemetry.
  • Collaborate with OT subject matter experts to design innovative security approaches.
  • Analyze endpoint, network, and log data to detect malicious or anomalous behavior.
  • Brief technical and non-technical audiences on findings from threat hunting activities.

What we're looking for

  • 8+ years experience in cyber operations including threat hunting and detection engineering.
  • Proven ability to conduct proactive, hypothesis-driven threat hunts in enterprise or industrial environments.
  • Expertise in mapping activity using frameworks like MITRE ATT&CK and analyzing various data types for threats.
  • Strong knowledge of adversary tactics, techniques, and procedures (TTPs).
  • Capability to translate cyber threat intelligence into actionable plans and detection analytics.
  • Top Secret clearance and relevant certifications such as GCFA, GCIH, or CISSP.

Market check

Salary context

This $99,000–$225,000 range sits above 58% of similar postings on FindRole.

Peer median band

$114,900–$190,000

Median floor and ceiling across peers.

Typical midpoint (25–75%)

$123,000–$186,200

Middle half of comparable postings.

Based on 237 comparable postings (240 is the maximum number of comparable postings sampled).

Employer

About Booz Allen Hamilton

Booz Allen Hamilton is a management and technology consulting firm that provides analytics, digital, engineering, and cybersecurity solutions primarily to U.S. government agencies and commercial clients.

Industry: Management & Technology Consulting

Booz Allen Hamilton currently has 627 open roles on FindRole.

Listed pay typically runs $86,800–$198,000 across 614 roles with salary data.


More like this

Similar roles

Senior Threat Hunter

Allstate

Remote (USA - IL (Remote), US) · 42 days ago · $100,000–$170,500
Python, PowerShell, Bash, SIEM, Splunk, ArcSight, NetWitness, Palo Alto, CrowdStrike, Tanium, Defender, NIDS, HIPS, EDR, TCP/IP, SMTP, DNS, TLS, XML, HTTP, AWS, Azure

Cyber Threat Intelligence Analyst

Leidos

9358 Undisclosed DC Customer Site, US · 78 days ago · $107,900–$195,050
MITRE ATT&CK, Threat Intelligence Platform (TIP), Python, PowerShell, SPL, KQL, Elastic DSL, AWS, Azure, O365, Cyber Kill Chain, Diamond Model of Intrusion Analysis, Anomali, ThreatConnect, MISP

OT Infrastructure & Compliance, Lead Analyst

AES Corporation

Remote (US, Dayton, OH, US) · 10 days ago
Windows Server, Active Directory, Linux, VMware, Hyper-V, MSSQL, NERC CIP, Patch Management, Vulnerability Management, CI/CD, ITIL, ISO 27001, Compliance Documentation, Infrastructure Monitoring, Datacenter Operations, Virtualization Platforms, Network Security, Change Management, Project Management

Principal Advanced Threat Response Analyst

Hewlett Packard Enterprise

Locations All, Texas, US · 60 days ago · $120,500–$276,500
MITRE ATT&CK, Python, Splunk, Sentinel, CrowdStrike, Carbon Black, Defender ATP, AWS, Azure, GCP, PowerShell, Bash, CI/CD, SIEM, EDR, Red Team, Offensive Security, Cobalt Strike, Metasploit, Purple Team Exercises

Sr Insider Threat Engineer

PayPal

USA - Arizona - Scottsdale - Corp - N 90th St, US · 80 days ago · $123,500–$183,700
SIEM, Python, SQL, Kubernetes, AWS, CI/CD, Git, Linux, Docker, Prometheus, Grafana, Nginx, JSON, YAML

Insider Threat Program Chief Engineer

Leidos

6597 Washington DC, US · 25 days ago · $154,050–$278,475
ITIL, NIST, FISMA, CISSP, Oracle Database, User Activity Monitoring, Everfox High Speed Guard Platform, Cisco, Juniper, Docker, Kubernetes, AWS, Python, PostgreSQL, Git, Jenkins, Terraform, Ansible, Prometheus, Grafana