Primary Responsibilities:
• Plan, conduct, and document iterative, hypothesis-based threat hunts.
• Analyze and investigate anomalies for potential risk across the full spectrum of cyber threats.
• Review and analyze Security Information and Event Management (SIEM) alerts to develop hunt hypotheses.
• Propose, discuss, and document custom searches for automated detection of threat actor activity based on hunt findings.
• Utilize open-source intelligence to inform hunt hypothesis development.
• Track and document cybersecurity incidents from detection to resolution.
• Provide computer forensic support during investigations, including evidence seizure, computer forensic analysis, and data recovery.
• Conduct malware analysis including static and dynamic analysis of complex malware.
• Proactively assess the compute environment for patterns and anomalies, tagging events for Tier 1 & 2 monitoring.
• Collect and analyze data from compromised systems using EDR agents and custom scripts.
• Attend daily Agile Scrum meeting and report progress on activities.
• Support the development of deliverables including Hunt Hypotheses, Hunt Reports, Detection Logic, and Incident Reports.
•
Respond to cybersecurity major incidents and assist with mitigation, remediation, and post incident reviews.
Knowledge & Skills Required:
• Minimum of 5 years of experience in cybersecurity threat hunting or incident response roles.
• Proficiency with threat hunting methodologies, tools, and techniques.
• Experience with IT Service Management ticketing systems (ServiceNow preferred).
• Strong understanding of cloud-based and non-cloud-based applications such as Microsoft Azure, Microsoft O365, Microsoft Active Directory.
• Advanced knowledge of Security Information and Event Management (SIEM) systems.
• Experience with Endpoint Detection and Response (EDR) agents such as CrowdStrike.
• Ability to conduct malware analysis, including static and dynamic analysis.
• Excellent communication and teamwork skills.
Education Required: High school or GED
Education Preferred:
• Bachelor’s degree in computer science, computer engineering, software engineering, cybersecurity, or related field.
• Cybersecurity focused certifications such as GCIA, GSEC, GMON, Security+
Experience:
5-8 years
We are an equal opportunity employer, and we strictly prohibit and do not tolerate discrimination against employees, applicants or any other covered persons because of race, color, religion, national origin or ancestry, sex, pregnancy, sexual orientation, marital status, gender identity or expression, age, disability, genetic information, veteran status, or any legally protected characteristic.