Data Security Analyst II, Threat Hunter - Red Hat

Austin, TX, US • Posted 13 hours ago • Updated 1 hour ago

Contract W2

On-site

Hourly

Neos Consulting

Fitment

Dice Job Match Score™

⏳ Almost there, hang tight...

Job Details

Skills

Data Security
Information Security
Collaboration
Authentication
Network
Security Controls
Leadership
Incident Management
Red Hat Linux
Red Hat Enterprise Linux
Cloud Computing
Artificial Intelligence
System On A Chip
Workflow
Microsoft
FOCUS
Data Governance
White Hat
SIEM
Splunk
Mapping
Security+
Certified Ethical Hacker
OSCP
DICE

Summary

City : Austin

State : Texas

Neos is Seeking a Data Security Analyst II (Threat Hunter, Red Hat) for a contract role for with our client in Austin, TX.

***HYBIRD (AUSTIN) or REMOTE - CANDIDATES CURRENTLY RESIDING IN THE AUSTIN, TEXAS AREA OR IN U.S. NEED APPLY***

No calls, no emails, please respond directly to the "apply" link with your resume and contact details.

This position is Remote, outside of Austin

Local candidates will be Hybrid - 1 day per week in office, Wednesdays

located at 5500 E. Oltorf ST, Austin, TX 78741

Job Description

Data Security Analyst II - Threat Hunter (Red Hat / Linux)

Department: IT Enterprise Information Security

Location: Remote (outside Austin) or Hybrid (Austin, TX - one day onsite per week)

Position Overview

Position Summary

The Office of Attorney General (OAG) is seeking a highly skilled Threat Hunter with extensive Red Hat / Linux security experience to support proactive threat identification across OAG's enterprise environment. This position will focus on analyzing security telemetry, investigating risk indicators, and conducting deep-dive threat hunting activities to determine whether suspicious behavior warrants escalation, containment, or policy updates.

The ideal candidate will combine hands-on investigative skill with ethical hacking / adversary simulation techniques to validate potential exposure paths and determine how an attacker could compromise systems. This individual will develop structured threat hunting playbooks and risk-based investigative procedures that can be operationalized and automated (in collaboration with Splunk/SIEM engineering resources).

Key Responsibilities
Proactively hunt for threats by analyzing security telemetry and risk indicators across OAG's enterprise environment, identifying suspicious activity, privilege misuse, persistence, and lateral movement.
Lead deep-dive investigations in Red Hat / Linux (RHEL) environments by reviewing system logs, authentication activity, services, binaries, scheduled tasks, and network behavior to validate potential compromise.
Partner with SIEM/Splunk engineering to implement and harden Copilot-driven Splunk workflows, including least-privilege access, secure data handling, logging/monitoring, and control validation to prevent data leakage or unintended exposure.
Triage and assess risk severity to determine whether findings require escalation, containment, deeper investigation, or immediate mitigation actions.
Conduct ethical hacking/adversary-based validation (within approved rules of engagement) to confirm exploitability, attack paths, and real-world impact to systems.
Develop structured and repeatable threat hunting playbooks (signals, validation steps, evidence required, escalation triggers, and mitigation actions) and translate findings into detection requirements.
Partner with SIEM/Splunk engineering to operationalize and automate playbooks into Splunk workflows, alerts, and response processes.
Recommend security control enhancements and policy updates based on investigation outcomes, and document findings in a clear, defensible format for leadership and technical teams.

Required Qualifications

6+ years of experience in threat hunting, incident response, or security investigations in a security enterprise environment.
6+ years of extensive hands-on experience with Red Hat / Linux security (RHEL preferred).
3+ years experience supporting environments that include hybrid infrastructure (cloud + on-prem).
1+ years experience enabling and securing AI-driven SOC workflows, including Microsoft Copilot integration with SIEM platforms (Splunk preferred), with a focus on least-privilege access, data governance, auditability, and secure implementation patterns.
Proven ability to analyze system-level telemetry and determine real risk vs noise.
Strong experience performing deep investigative analysis and making escalation recommendations.
Demonstrated experience with ethical hacking / adversary simulation and understanding how compromise occurs.
Ability to develop structured playbooks and investigative procedures for repeatable threat hunting.
Experience partnering with SIEM/Splunk teams to operationalize detection logic and automation.
Familiarity with common attacker techniques (MITRE ATT&CK mapping experience preferred).
Certifications are a plus (examples: Security+, CEH, OSCP, GIAC), but hands-on capability matters most.

#DICE

#LI-MB

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10111245
Position Id: a0FRb00000DbK57MAF
Posted 13 hours ago

Company Info

About Neos Consulting

What makes Neos unique and different from other firms? We treat our consultants like valued customers. The owners of Neos are career onsite IT consultants. We understand the demands of being a consultant at a customer site – we lived it every day. We’ve built and run Neos to provide a first-class experience for our consultants. Neos has been twice recognized as a Best Places to Work by the Austin Business Journal. Founded in South Austin in 2003, Neos is an IT consulting and staffing firm specializing in state and local government, public agencies, K-12, and higher education customers. Neos is the #1 provider of IT Staff Augmentation services to Texas state and local governments via the Texas Department of Information Resources. We have been recognized twice by Inc. magazine as one the fastest-growing companies in America and twice by Austin Business Journal as a Fast 50 company in Central Texas.

Go to company profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.