Principal Analyst - Threat Hunting

The Principal Analyst will lead advanced threat detection and analysis efforts by leveraging enterprise-scale data sources, audit logs, and monitoring tools. This role involves deep-dive investigations into suspicious activity, identifying hidden threats, and proactively hunting for adversaries across customer environments. The Principal Analyst will work closely with our Technology Engineers, Architects, and Threat Intelligence teams to enhance detection capabilities and deliver actionable insights to clients. This position requires a strong understanding of attacker tactics, threat modeling, and the ability to translate complex findings into clear, strategic recommendations.

How you'll make an impact

• Operate autonomously within a globally distributed team, maintaining strong communication and situational awareness.
• Conduct proactive threat hunting across diverse security data sets to uncover hidden threats and anomalous behavior.
• Utilize advanced detection techniques and tools to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).
• Lead and document in-depth investigations and threat analysis, ensuring thoroughness and accuracy.
• Review and validate threat investigations conducted by junior analysts, ensuring adherence to quality standards.
• Design and implement repeatable hunting methodologies to identify malicious activity and reduce dwell time.
• Provide actionable recommendations to improve detection, response, and overall security posture.
• Present complex technical findings to both technical and non-technical stakeholders in a clear and concise manner.
• Develop and refine operational processes for threat detection, escalation, and incident response.
• Manage multiple high-priority tasks in a dynamic environment, delivering timely and effective responses.
• Collaborate with cross-functional security teams to enhance threat detection and response capabilities.
• Continuously expand technical expertise and contribute to the growth of team capabilities.
• Mentor and support the development of fellow team members.
• Partner with engineering and architecture teams on strategic security initiatives.
• Apply innovative thinking to understand and detect evolving attack methodologies, malware, and threat actor behaviors.
• Conduct advanced threat emulation and adversary simulation exercises.
• Design and implement advanced use cases for insider threat detection, operational monitoring, and threat response.
• Evaluate and enhance defensive and detective controls to minimize the organization’s attack surface. 

What we’re looking for

• 8+ years of experience in vulnerability management, threat detection, and risk remediation across infrastructure and applications.
• Strong knowledge of CVEs, CVSS, compensating controls, and the evolving cyber threat landscape.
• Proficient in Windows/Linux OS, network technologies, and security monitoring tools (e.g., EDR, UEBA, SIEM).
• Skilled in proactive threat hunting, malware analysis, and MITRE ATT&CK framework.
• Experience in designing threat detection use cases and tuning security controls for improved accuracy.
• Capable of handling complex investigations across endpoints, cloud, SaaS, and network layers.
• Excellent communication, analytical, and collaboration skills; able to work in fast-paced, 24x7 SOC environments.
• Industry certifications (e.g., CISSP, SANS GIAC, CISM) preferred.
• This role is Work from Office role.
• This is a 24x7 role in Security Operations Center

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities.  For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.