Flock Safety · 4 hours ago

Lead, Threat Hunter

Flock Safety is the leading safety technology platform, helping communities thrive by taking a proactive approach to crime prevention and security. The Lead, Threat Hunter will focus on defining and maturing the Adversary Pursuit program, managing threat hunts, and collaborating with various teams to enhance detection and response capabilities.

Manufacturing · Public Safety · Security · Sensor

Comp. & Benefits
H1B Sponsor Likely

Responsibilities

Mold the long-term threat hunting roadmap, including strategy, data ingestion requirements, and coverage metrics
Provide operational oversight during threat hunts, ensuring objectives are defined, hunt methodology is established and timeframes are met
Mentor and guide junior analysts in hunting methodologies, query optimization, and forensic analysis
Deep technical expertise in performing DFIR and adversary threat hunts, across diverse environments (corporate systems, cloud - AWS/GCP/Azure, and operational technology networks)
Strong experience performing DFIR on Android IoT devices
Extensive experience utilizing enterprise security tooling (SIEM, EDR, etc.) as well as developing proprietary tools/scripts to scale the team’s capabilities
Experience utilizing sandboxing technology to aid in the analysis of suspicious binaries and scripts; hands-on reverse engineering experience a plus
Map findings to the MITRE ATT&CK framework to identify coverage gaps and improve detection posture
Well versed in using cyber threat intelligence to update requirements, prioritize collection sources and integrate technical TTPs to inform and prioritize hunts
Create and tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma) based on hunt findings to prevent future recurrence
Assist with the development of technical tabletop exercises, ensuring scenarios are applicable to the organization’s risk profile and aligned with real-world cyber events
Collaborate with Cybersecurity, Engineering, and Product teams to help plan and execute threat hunts, providing detailed findings and data-backed recommendations for cybersecurity and architectural improvements
Work closely with the Offensive Security team to help perform regular testing and validation of custom detection rules
Serve as a Tier 3 escalation point for SOC analysts; perform deep-dive root cause analysis on complex security incidents
Build a deep understanding of the company’s technology stack, threat landscape, and existing security operations and response practices
Establish strong partnerships with Engineering, Infrastructure, Product Security, and Offensive Security teams
Define a clear vision and strategy for Adversary Pursuit aligned to risk tolerance and business priorities to help create a cyber threat profile
Evaluate current visibility (logs and intelligence) and detection capabilities to identify gaps and quick wins
Build an organizational Cyber Threat Profile with prioritized threat actors and intelligence collection requirements, and proactively identify attacker TTPs
Develop a phased roadmap to mature Adversary Pursuit capabilities, including visibility and detection gap remediations and tooling improvements as well as plans for incorporation into regular exercises

Qualification

DFIR expertise · Threat hunting · Cloud security (AWS/GCP/Azure) · Enterprise security tools · Technical tabletop exercises · Cyber threat intelligence · Detection rule creation · Leadership · Collaboration · Mentoring

Required

Over 10 years of cybersecurity experience
At least 5 years focused on DFIR/Threat Hunts
Deep technical expertise in performing DFIR and adversary threat hunts across diverse environments (corporate systems, cloud - AWS/GCP/Azure, and operational technology networks)
Strong experience performing DFIR on Android IoT devices
Extensive experience utilizing enterprise security tooling (SIEM, EDR, etc.)
Experience developing proprietary tools/scripts to scale the team's capabilities
Experience utilizing sandboxing technology to aid in the analysis of suspicious binaries and scripts
Hands-on reverse engineering experience a plus
Ability to map findings to the MITRE ATT&CK framework to identify coverage gaps and improve detection posture
Well versed in using cyber threat intelligence to update requirements, prioritize collection sources and integrate technical TTPs to inform and prioritize hunts
Ability to create and tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma) based on hunt findings
Ability to assist with the development of technical tabletop exercises
Collaborate with Cybersecurity, Engineering, and Product teams to help plan and execute threat hunts
Serve as a Tier 3 escalation point for SOC analysts
Perform deep-dive root cause analysis on complex security incidents
Ability to obtain and maintain Criminal Justice Information Services (CJIS) certification

Benefits

Flexible PTO: We offer non-accrual PTO, plus 11 company holidays.
Fully-paid health benefits plan for employees: including Medical, Dental, and Vision and an HSA match.
Family Leave : All employees receive 12 weeks of 100% paid parental leave. Birthing parents are eligible for an additional 6-8 weeks of physical recovery time.
Fertility & Family Benefits: We have partnered with Maven, a complete digital health benefit for starting and raising a family. Flock will provide a $50,000-lifetime maximum benefit related to eligible adoption, surrogacy, or fertility expenses.
Spring Health: Spring Health offers a variety of mental health benefits, including therapy, coaching, medication management, and digital tools, all tailored to each individual's needs.
Caregiver Support: We have partnered with Cariloop to provide our employees with caregiver support.
Carta Tax Advisor: Employees receive 1:1 sessions with Equity Tax Advisors who can address individual grants, model tax scenarios, and answer general questions.
ERGs: We want all employees to thrive and feel like they belong at Flock. We offer four ERGs today - Women of Flock, Flock Proud, LEOs and Melanin Motion. If you are interested in talking to a representative from one of these, please let your recruiter know.
WFH Stipend: $150 per month to cover the costs of working from home.
Productivity Stipend: $300 per year to use on Audible, Calm, Masterclass, Duolingo and so much more.
Home Office Stipend: A one-time $750 to help you create your dream office.

Company

Flock Safety

Flock Safety provides end-to-end surveillance solutions to support law enforcement and communities.

H1B Sponsorship

Flock Safety has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships: 2024 (1), 2022 (2), 2021 (2)

Funding

Current Stage
Late Stage
Total Funding
$655.58M
Key Investors
Andreessen Horowitz · Tiger Global Management · Meritech Capital Partners
2025-03-13 · Series F · $275M
2022-02-15 · Series E · $150M
2021-07-13 · Series D · $150M

Leadership Team

Garrett Langley, Founder & CEO
Mandy Schuler, Vice President Supply Chain
Company data provided by crunchbase