Senior Cyber Threat Hunter

If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:
 

Grade: Technical 409Pay Range: $130,900.00 - $196,300.00

Job Description

Make an Impact
As a Senior Cyber Threat Hunter, you will play a critical role in protecting the University’s applications, systems, and networks. You will lead advanced threat hunting, vulnerability analysis, and penetration testing–informed detection efforts, strengthen cloud and data security, and collaborate across IT and business teams to reduce risk and improve our overall security posture. This is a senior, hands-on role with meaningful influence on strategy, tooling, and day-to-day security operations.

What You’ll Do

• Lead proactive cyber threat hunting, vulnerability analysis, and detection engineering efforts across enterprise and cloud environments.

• Perform and support penetration testing activities, including coordination with internal teams and third-party vendors, validation of findings, and translation of results into actionable remediation and detection improvements.

• Analyze vulnerability scan results, pen test reports, and threat intelligence to prioritize risk and drive remediation based on exploitability and business impact.

• Develop and maintain security detections, analytics, and use cases aligned to the MITRE ATT&CK framework, informed by real-world attack techniques and testing outcomes.

• Monitor and analyze endpoint, network, and cloud security telemetry to establish baselines, identify anomalous behavior, and detect adversary techniques.

• Partner with infrastructure, cloud, and application teams to remediate vulnerabilities, validate fixes, and embed secure-by-design practices into systems and CI/CD pipelines.

• Participate in incident response activities, including root cause analysis, post-incident reviews, and improvements to controls, detections, and testing strategies.
   

What You’ll Bring

• Bachelor’s degree in IT Security, Computer Science, Engineering, or a related field, or equivalent relevant experience.

• 5 years of information security experience, including hands-on work in vulnerability management, penetration testing support, threat hunting, or security operations.

• Experience interpreting vulnerability scan results and penetration testing findings, and communicating risk and remediation guidance to technical and non-technical stakeholders.

• Hands-on experience creating and maintaining SIEM detection content and security rules to identify malicious, suspicious, or abnormal activity.

• Experience using the MITRE ATT&CK framework to guide threat hunting, detection engineering, or adversary emulation efforts.

• Strong working knowledge of AWS services, cloud security engineering principles, and infrastructure as code.

• Scripting and automation experience using tools such as Python, Bash, or PowerShell.

Bonus Points

• 10 years of information security experience.

• Direct experience conducting penetration tests, red team or purple team exercises, or adversary emulation.

• Experience preparing System Security Plans, supporting cybersecurity testing, or translating pen test and vulnerability results into executive-level risk summaries.

• Relevant security certifications such as CISSP, GIAC, OSCP, CEH, CCSP, AWS, or similar.

What to Expect

At WGU, our mission drives everything we do, including how we hire. Our interview experience is designed to give qualified candidates the opportunity to show their best work through meaningful conversations and collaboration.
We thoughtfully review every application and invite forward the candidates whose experience and potential best align with the role and our mission.

Interview Steps

• Introductory call and screen

• Technical interview

• Hiring leader interview
   

Work Location

This is a full-time, in-office position at WGU’s office in Raleigh, NC.

Visa Sponsorship

While we welcome applicants from all backgrounds, WGU is not able to provide visa sponsorship for this role.

#LI-AW2

Position & Application Details

Full-Time Regular Positions (classified as regular and working 40 standard weekly hours): This is a full-time, regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical, dental, vision, telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.

How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at [email protected].

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.