Viasat · 5 hours ago
Staff Security Specialist, Threat Hunter
Viasat is a company on a mission to deliver connections that can change the world. They are seeking a Cyber Threat Hunter to proactively safeguard the organization from advanced threats, using intelligence-driven methodologies to hunt down adversaries and enhance security measures.
Internet · Optical Communication · Telecommunications
Responsibilities
Execute hypothesis-driven threat hunts across the network, endpoints, and cloud environments to uncover hidden, anomalous, or malicious activity that could bypass controls
Integrate Cyber Threat Intelligence (CTI) from tactical, operational, and strategic sources to inform hunting hypotheses, prioritize investigations, and enrich security tooling
Collaborate on threat-intelligence-driven incidents by providing hunting and CTI enrichment support
Prioritize vulnerabilities and security gaps based on threat actor exploitation trends identified via CTI and hunting campaigns, directly feeding into the vulnerability management and security engineering programs
Coordinate with detection engineers to develop new detections, composite rules, and dashboards based on discovered threat Tactics, Techniques, and Procedures (TTPs) to enhance the security team's overall capability
Lead the lifecycle of threat intelligence within the Threat Intelligence Platform (TIP), ensuring timely maintenance, accurate expiration policies, reduction in false positive rates, and continuous enrichment of Indicators of Compromise (IOCs) and TTPs to improve contextualization and prioritization of alerts in the Security and Information Event Management (SIEM)
Maintain continuous tracking and monitoring of external threat surfaces, including dark web forums, leak sites, and underground marketplaces, focusing on brand protection, supply chain risks, and the identification of organizational asset management risks
Review the latest threat intelligence reports, internal alerts, and ongoing investigations. Prioritize the day's hunting campaigns based on the most relevant and high-impact threats
Spend significant time querying and analyzing large datasets from SIEM, Endpoint Detection and Response (EDR), network logs, and cloud telemetry, searching for patterns and anomalies that confirm or deny a threat intelligence hypothesis
Conduct in-depth analysis on potential IOCs, which may include correlating data from disparate sources
Work directly with the Incident Response team to transition a confirmed threat into a full-scale incident, providing critical context on the threat actor, their motives, and their activities
Participate in and contribute to relevant threat intelligence working groups, consuming information from partners to rapidly shift and focus hunting efforts on the most immediate and relevant threats to our sectors
Regularly review and update intelligence feeds and context within the TIP and SIEM to keep alerting rules efficient. This reduces false positive alerts and improves detection based on gathered information
Document and communicate findings clearly to both technical and non-technical stakeholders, detailing the threat, its potential impact, and actionable remediation steps
Qualifications
Required
5+ years' experience threat hunting
2+ years' experience with the Incident Response lifecycle (Preparation, Detection & Analysis, Containment, Eradication & Recovery, Post-Incident Activity) and the ability to lead the technical aspects of an investigation
Demonstrable ability to source, analyze, and apply CTI to hunting for adversary TTPs
Provide expert-level knowledge and practical experience with SIEM, TIP, and Endpoint and Network Detection & Response (E/NDR) tools for data querying and analysis
Experience prioritizing vulnerabilities, Common Vulnerabilities and Exposures (CVEs), in a vulnerability management program based on CTI feeds and evidence of active exploitation (e.g., applying the CISA Known Exploited Vulnerabilities (KEV) catalog)
Solid understanding of operating system internals (Windows, macOS, Linux), cloud infrastructure, common network protocols, or the ability to analyze endpoint and network artifacts (e.g., packet captures, memory dumps, system logs)
US Citizenship required
Active DoD Secret Clearance or have held one in the last two (2) years
Ability to travel up to 10%
Preferred
Demonstrated Incident Response, or Security Operations Center (SOC) role (Tier 3/Advanced Analyst) experience
Hands-on experience with EDR, NDR, TIP, and Security Orchestration, Automation, and Response (SOAR) tools
Familiarity with the security logging, monitoring, and threat landscape of major cloud environments
Experience producing professional intelligence products, reports, and delivering executive-level briefings on complex technical topics
Benefits
Additional cash or stock incentives may be provided as part of the compensation package
A range of medical, financial, and/or other benefits
Company
Viasat
Viasat is a global communications company that offers satellite services.
Funding
Current Stage: Public Company
Total Funding: $3.16B
Key Investors: UK Space Agency, NASA
2025-11-21 · Grant · $1.15M
2024-09-09 · Post IPO Debt · $1.98B
2023-09-13 · Post IPO Debt · $733.4M
Company data provided by Crunchbase