At a glance
Position:Cyber Threat Hunter
Primary Location:Midland (MI, USA), Michigan, United States of America
Schedule:Full time
Date Posted:01/05/2026
Job Number:R2064151
Position Type:Regular
Workplace Type:Onsite
At Dow, we believe in putting people first and we're passionate about delivering integrity, respect and safety to our customers, our employees and the planet.
Our people are at the heart of our solutions. They reflect the communities we live in and the world where we do business. Their diversity is our strength. We're a community of relentless problem solvers that offers the daily opportunity to contribute with your perspective, transform industries and shape the future. Our purpose is simple - to deliver a sustainable future for the world through science and collaboration. If you're looking for a challenge and meaningful role, you're in the right place.
Dow (NYSE: DOW) is one of the world's leading materials science companies, serving customers in high-growth markets such as packaging, infrastructure, mobility and consumer applications. Our global breadth, asset integration and scale, focused innovation, leading business positions and commitment to sustainability enable us to achieve profitable growth and help deliver a sustainable future. We operate manufacturing sites in 30 countries and employ approximately 36,000 people. Dow delivered sales of approximately $43 billion in 2024. References to Dow or the Company mean Dow Inc. and its subsidiaries. ????Learn more about us and our ambition to be the most innovative, customer-centric, inclusive and sustainable materials science company in the world by visiting www.dow.com.
About you and this role
Dowhas an exciting opportunity for aCyber Threat Hunterlocated inMidland, MI.
As a Cyber Threat Hunter, you will serve as a proactive defender within the Cybersecurity Operations Center (CSOC), reporting to the CSOC Operations Leader. On top of day-to-day investigations and incident response, this position focuses on hypothesis-driven hunting to uncover advanced threats that evade automated detection. You will lead threat-hunting initiatives, collaborate with the Dow red team to emulate adversary tactics, and act as a focal point for advanced detection strategies across the team. Your mission is to anticipate, identify, and neutralize sophisticated adversaries by leveraging threat intelligence, behavioral analytics, and forensic techniques. This role demands curiosity, creativity, and technical depth to stay ahead of evolving attack methodologies.
Responsibilities:
Handles escalations and determines response actions for cybersecurity incidents
Collects threat intelligence and converts it to actionable content
Participates in table-top exercises, ethical hacking, and cyber-range training
Lead hypothesis-driven hunts based on MITRE ATT&CK and emerging TTPs
Perform deep-dive analysis of network traffic, endpoint telemetry, and identity logs to uncover and analyze adversarial behaviors
Develop and refine detection logic for SIEM and EDR platforms
Collaborate with threat intelligence teams to operationalize indicators of compromise (IOCs) and adversary emulation plans
Construct adversary emulation scenarios to validate detection coverage and identify gaps
Document hunt methodologies and findings to strengthen organizational resilience and inform future hunts
Qualifications:
A minimum of a bachelor's degreeorrelevant military experience at or above a U.S. E5 rankingorCanadian Petty Officer 2nd Class or Sergeant OR a minimum of 3 total years of relevant IT experience in lieu of a Bachelor's degree.
A minimum of 2 years experience with Cybersecurity
Able to be available for on-call rotation as needed
A minimum requirement for this U.S.-based position is the ability to work legally in the United States. No visa sponsorship/support is available for this position
Preferred Skills:
Strong understanding of adversary tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK, Cyber Kill Chain, and PEAK Threat Hunting Framework
Experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms; ability to write custom detection rules and queries
Familiarity with memory forensics, malware analysis, and reverse engineering concepts
Ability to develop hypotheses and conduct hunts without relying on pre-existing alerts
Comfortable presenting technical findings to both technical and executive audiences
Familiarity with OT concepts and adversarial threats.
Your Skills
Cyber Threat Hunting- Proactively searching for advanced threats that evade automated detection by leveraging hypothesis-driven techniques, threat intelligence, and behavioral analytics.
Adversary Tactics & Framework Knowledge- Deep understanding of TTPs and frameworks like MITRE ATT&CK, Cyber Kill Chain, and PEAK to anticipate and counter sophisticated attacks.
Incident Response & Forensic Analysis- Handling cybersecurity investigations and performing deep-dive analysis of network traffic, endpoint telemetry, and identity logs to uncover adversarial behaviors.
Detection Logic Crafting- Developing and refining detection logic for SIEM and EDR platforms, including writing custom rules and queries to improve threat visibility.
Collaborative Communication- Effectively partnering with the Dow red team, threat intelligence team, and presenting technical findings to both technical and executive audiences.
Preferred Certifications:
GCTI (GIAC Cyber Threat Intelligence), GCFA (GIAC Forensic Analyst), CompTIA CySA+, or Certified Cyber Threat Hunting Professional (CCTHP)
Additional Notes:
This position does not offer relocation assistance.
Benefits - What Dow offers you
We invest in you.
Dow invests in total rewards programs to help you manage all aspects of you: your pay, your health, your life, your future, and your career.?You bring your background, talent, and perspective to work every day. Dow rewards that commitment by investing in your total wellbeing.
Here are just a few highlights of what you would be offered as a Dow employee:
Equitable and market-competitive base pay and bonus opportunity across our global markets, along with locally relevant incentives.
Benefits and programs to support your physical, mental, financial, and social well-being, to help you get the care you need...when you need it.
Competitive retirement program that may include company-provided benefits, savings opportunities, financial planning, and educational resources to help you achieve your long term financial-goals.
Employee stock purchase programs (availability varies depending on location).
Student Debt Retirement Savings Match Program (U.S. only).
Dow will take the value of monthly student debt payments and apply them as if they are contributions to the Employees' Savings Plan (401(k)), helping employees reach the Company match.
Robust medical and life insurance packages that offer a variety of coverage options to meet your individual needs. Travel insurance is also available in certain countries/locations.
Opportunities to learn and grow through training and mentoring, work experiences, community involvement and team building.
Workplace culture empowering role-based flexibility to maximize personal productivity and balance personal needs.
Competitive yearly vacation allowance.
Paid time off for new parents (birthing and non-birthing, including adoptive and foster parents).
Paid time off to care for family members who are sick or injured.
Paid time off to support volunteering and Employee Resource Group's (ERG) participation.
Wellbeing Portal for all Dow employees, our one-stop shop to promote wellbeing, empowering employees to take ownership of their entire wellbeing journey.
On-site fitness facilities to help stay healthy and active (availability varies d
