Cyber Threat Hunter
No Relocation Assistance Available
Hunt for and identify threat actor groups and their techniques, tools and processes.
Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect an eradicate threat actors on the company network.
Provide expert analytic investigative support of large scale and complex security incidents.
Perform analysis of security incidents for further enhancement of alert catalog.
Continuously improve processes for use across multiple detection sets for more efficient TMC operations.
Document best practices with the TMC staff using available collaboration tools and workspaces.
Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed.
Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors.
A passion for research, and uncovering the unknown about internet threats and threat actors.
*6+ years overall IT Infrastructureexperience.
*3+ years of recent operational securityexperience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc.)
Experience with several of the following topics:
*Cyber Threat intelligence.
*Software vulnerabilities & exploitation.
*Dark web intelligence.
*Demonstrated knowledge of Linux/UNIX & Windows operating systems.
*Demonstrated knowledge of the Splunk search language, search techniques, alerts, dashboards and report building.
*Experience with Snort, Bro or other network intrusion detection tools.
*Detailed understanding of the TCP/IPnetworking stack & network technologies.
*Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)
*Nominal understanding of regular expression and at least one common scriptinglanguage (PERL, Python, PowerShell).
*Strong collaborative skills and proven ability to work in a diverse global team of security professionals.
*Strong organizational skills.
*Strong verbal and written skills.
*Excellent interpersonal skills.
*Bachelor?s degree, or relevant work experience.
*Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, etc.)