Senior Data Security Scientist

Join to apply for the Senior Data Security Scientist role at Aquia

Join to apply for the Senior Data Security Scientist role at Aquia

Named the “#1 Best Remote Startup to Work For in 2025” by Built In, Aquia is a digital services firm specializing in cloud infrastructure, cybersecurity, and compliance automation for the U.S. government.

Founded by Veterans, we are passionate about making our country digitally capable and secure. Since 2021, we’ve generated millions in cost savings through cloud services and licensing optimization, enabled civil servants to double health care fraud investigations through streamlined cloud-based systems, and reduced authorization timelines by 74% through modernized security processes. Last year, we were named the 2024 Service-Disabled Veteran-Owned Business (SDVOSB) of the Year by the Department of Health and Human Services (HHS).

We are seeking a Senior Data Security Scientist with deep Splunk expertise and a passion for proactive cyber threat hunting. This is a senior leadership role on a cybersecurity mission where the focus is not on responding to existing alerts—but on discovering new, novel signs of suspicious behavior in logs, identifying repeatable threat patterns, and converting those insights into high-fidelity detections.

The ideal candidate is both an advanced data analyst and a team mentor, capable of navigating unstructured log data, recognizing subtle threat signals, and guiding a team to operationalize findings into actionable detection content. Experience collaborating with stakeholders over multiple distinct enterprise security functions will be crucial.

What you'll do

Proactive Threat Hunting in Splunk

• Analyze vast volumes of unfiltered log data (e.g., authentication, process, endpoint, cloud, network) to identifyanomalies, weak signals, and suspicious patterns.
• Develop and refinecustom SPL-based searchesto surface potentially malicious behavior overlooked by default alerts.
• Apply frameworks likeMITRE ATT&CKto map TTPs and explore emerging adversary behaviors.
• Build, maintain, and document detection models in Splunk with Machine Learning Tool Kit (MLTK).

Detection Development & Content Engineering

• Convert threat hunt findings into repeatable detection logic, aligned to known threat models and environmental context.
• Build and manage data models, tags, macros, and knowledge objects to support scalable alerting and correlation.
• Partner with the SOC to hand off validated detections and assist in refining alert thresholds and response workflows.

Leadership & Team Enablement

• Lead and mentor a small team of data engineers and cyber analysts engaged in threat detection, Splunk development, and SOC support.
• Ensure hunt methodology, documentation, and detection output meet mission standards.
• Support continuous improvement of internal hunt frameworks, content lifecycle, and detection engineering processes.
• Interface directly with cybersecurity stakeholders to align hunt priorities to mission goals.
• Help shape threat hypotheses and investigative paths based on threat intel, incident trends, and strategic risk areas.
• Deliver insights and recommendations through clear, actionable communication—verbally and in writing.

What we're looking for:

• 7+ years of experience incybersecurity analytics, data science, or detection engineering, including supervisory/team leadership.
• Advanced proficiency inSplunkandSPL, including working knowledge of Enterprise Security, CIM models, and threat hunting techniques.
• Proven track record ofdiscovering unknown or low-signal cyber threatsvia log analysis and hypothesis-driven investigations.
• Experience supporting or collaborating withSecurity Operations Centers (SOCs), incident response, and threat intelligence teams.
• Deep familiarity withlog sourcesacross endpoints, authentication, cloud services, and infrastructure.
• Strong written and verbal communication skills, including stakeholder briefings, work scoping, and team mentorship.

Preferred Qualifications

• Experience leading hunt teams or detection efforts within afederal cybersecurity mission.
• Familiarity withMITRE ATT&CK, threat modeling, or detection-as-code pipelines.
• Current or priorTS/SCI clearance(or eligibility).
• Experience integrating and contextualizingthreat intelligence feedsinto hunt workflows.
• Experience participating in a consulting organization in a supervisory or management role.

Remote - USA

$160,000-$210,000USD

• Employee stock plan
• 100% 401k match (up to IRS annual max)
• Generous PTO package
• Personal training and development budget

Stay in touch

Sign up for our newsletterto receive updates on cloud and cybersecurity in the public sector and what's new at Aquia.

Aquia Inc. is an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Engineering and Information Technology
• Industries
  Computer and Network Security

Referrals increase your chances of interviewing at Aquia by 2x

Get notified about new Senior Data Scientist jobs in United States.

United States $200,000 - $230,000 2 days ago

New York, NY $180,000 - $200,000 1 week ago

United States $240,000 - $240,000 1 week ago

United States
$230,000.00
-
$240,000.00
1 week ago

United States
$238,000.00
-
$386,400.00
2 weeks ago

Chicago, IL
$95,000.00
-
$120,000.00
1 month ago

United States
$195,000.00
-
$225,000.00
3 weeks ago

San Francisco County, CA
$240,000.00
-
$275,000.00
2 weeks ago

United States
$230,000.00
-
$265,000.00
1 month ago

San Francisco, CA
$40.00
-
$80.00
1 month ago

Pennsylvania, United States
$40.00
-
$80.00
1 month ago

United States $177,000 - $284,000 4 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.