Threat Intelligence/Hunt Engineer

What You'll Do 
This role delivers decision‑ready threat intelligence and intelligence‑driven threat hunting to reduce risk, improve detection, and strengthen enterprise security posture. The position partners across security and business functions, synthesizes multi‑source intelligence and telemetry, and executes hunts and investigations end‑to‑end with a focus on rigor, repeatability, and measurable outcomes. 

Responsibilities:

• Translate evolving business risk and operational vulnerabilities into clear, decision‑ready threat intelligence and briefings, providing actionable insights that enable timely risk reduction, remediation, and mitigation.   

• Partner with cross‑functional technical and business teams to define, maintain, and continuously adapt intelligence requirements as the threat landscape changes, ensuring intelligence outputs remain relevant, prioritized, and operationally actionable. 

• Synthesize diverse intelligence streams to assess adversary intent, capability, and risk to the organization.   

• Conduct in‑depth threat research and evaluation of internal and external intelligence reporting while prioritizing emerging and ongoing threats to inform strategic decision‑making and enterprise‑level risk management. 

• Correlate internal telemetry, operational data, and external intelligence to identify emerging threats and evolving adversary activity. 

• Independently identify when high priority requirements require focus shift to deliver high‑impact tactical and operational support as the threat landscape changes. 

• Support and provide input to an intelligence‑driven threat hunting program with repeatable workflows, playbooks, and effective metrics. 

• Independently perform continuous hunt cycles and execute the full intel/ hunt lifecycle—using hypothesis‑driven methods and developing deep proficiency with EDR, SIEM, log analytics, network telemetry, and identity systems to identify known and unknown threats. 

• Drive hypothesis‑led investigations and hunts by performing exploratory analysis across large‑scale datasets to surface anomalies and weak signals by assessing exploitability in the context of the tech stack. 

• Identify detection, visibility, coverage, and mitigation gaps surfaced through intelligence analysis and threat hunting, and research root causes to partner with engineering teams for continuous improvement.  

• Contribute to structured documentation processes and methodologies to drive continuous improvement — refining priorities, processes, and tooling.  

• Independently identify new problem spaces and proactively pursue solutions without waiting for direction 

What You Will Need to be Successful:

• Experienced practitioner (5 Years Plus) in threat intelligence and/or hunting, producing rigorous, multi‑domain, strategic, and predictive intelligence at scale.  

• Ability to apply structured analytical techniques to operate effectively under uncertainty and incomplete data, forming defensible, well‑supported analytic judgments in ambiguous, fast‑moving environments.  

• Knowledge of multiple threat analysis and modeling frameworks (e.g., Diamond Model, MITRE ATT&CK, DREAD, PASTA) to create structured assessments, communicate risk clearly, and drive consistent, repeatable analysis. 

• Ability to define and refine intelligence‑driven threat hunts—using repeatable methodologies and playbooks, hunts at scale across diverse datasets, and documenting findings for both technical and non‑technical audiences.  

• Hands-on expertise with enterprise hunting tools and data platforms (SIEM, EDR, network telemetry, identity logs, cloud audit pipelines)  

• Technology-focused perspective; experience supporting or defining requirements tied to software, infrastructure, or security tooling  

• Diverse background/alternative perspectives that strengthen analytical depth and problem-solving  

• Proven ability to translate threat intelligence and hunt findings into decision‑ready insights for technical and non‑technical stakeholders, including senior leadership 

• Experience working in a collaborative environment—contributing insights while integrating feedback and perspectives from others  

• Highly self-directed and organized, effectively managing priorities and deliverables end‑to‑end with strong time management and communication. 
   

What You May Need to be Successful:

• Experience integrating intelligence efforts across corporate security domains—partnering with Executive Protection, Insider Risk, Trust & Safety, and Physical Security teams, with exposure to geopolitical risk, fraud/insider threat, and supply chain risk.  

• Experience partnering with detection engineering or red teams to validate hypotheses and strengthen threat coverage 

• Hands‑on experience building/supporting automation, scripting, or workflow optimization to scale intelligence production, research, or hunt operations  

• Familiarity with data engineering concepts relevant to hunting (e.g., pipeline quality, normalization, enrichment, log onboarding)  

• Prior experience presenting intelligence findings to senior leadership or executive audiences  

Why Join Us at First Advantage?

At First Advantage, team members are united around a noble purpose: helping organizations to safeguard their workplaces and manage risk. The company’s culture is shaped by its core values — Authenticity, Curiosity, Integrity, Teamwork, Customer-Inspired — empowering team members to bring their best ideas forward, collaborate across departments, and make a real impact.

First Advantage offers a variety of culture programs and benefits designed to enhance employee experience and development.

• Employee Impact Groups

• FA Cares volunteer opportunities

• Mentorship Advantage Program

• SOAR, award-winning manager development program

We have great people here and are looking for more. Come join us!
 

Follow us:

• Facebook

• Instagram

• LinkedIn

• X

• YouTube

Equal Employment Opportunities at First Advantage
First Advantage is an equal opportunity employer. We are committed to providing a workplace and recruitment process that is free from unlawful discrimination, harassment, and retaliation. Employment decisions at First Advantage are based solely on qualifications, merit, and business needs. We do not discriminate in any aspect of employment on the basis of race, color, national origin, ancestry, citizenship, religion, creed, sex, gender identity, gender expression, sexual orientation, marital or family status, pregnancy, age, physical or mental disability, medical condition, genetic information, veteran or military status, or any other characteristic protected by applicable law.