Cyber Security Analyst Leads – Cyber Threat Hunting

FIS GlobalJacksonville, FL
Onsite

About The Position

FIS Management Services, LLC seeks Cyber Security Analyst Leads – Cyber Threat Hunting in Jacksonville, FL to serve as a technical lead within FIS Cyber Threat Hunting (CTH) program, driving proactive, hypothesis-based threat hunts across endpoint, network, identity and cloud telemetry to uncover stealthy adversary activity leading to reductions in attack dwell time in the FIS environment. Execute complex investigations using enterprise level EDR and SIEM platforms, correlate multi-source evidence and rapidly scope, contain and support remediation for incidents including malware, credential compromise and unauthorized access while clearly documenting hunt outcomes and investigative conclusions. Translate threat intelligence and adversary TTPs into high-fidelity behavioral analytics mapped to frameworks such as MITRE ATT&CK, and you will partner with the Security Operations Center, Penetration Testing Teams and Detection Engineering stakeholders to operationalize successful hunts into durable detections and improved response playbooks. Automate and scale hunting and investigative workflows through scripting languages (PowerShell/BASH), enrichment and data analysis to improve speed, consistency and signal quality. Lead threat hunting efforts in newly acquired or integrating M&A environments, where you will be required to rapidly assess unfamiliar architectures, establish baselines, and identify inherited risk and latent compromise. Hunt for pre- and post-acquisition adversary activity while informing integration and risk-reduction strategies.

Requirements

  • Bachelor’s degree or foreign equivalent in Computer Science, Cyber Security, Digital Forensics, or related field and seven (7) years of progressively responsible experience in investigating endpoint-based security threats using enterprise Endpoint Detection and Response (EDR) solutions.
  • Analysis of behavioral detections, process execution trees, command-line activity, and persistence mechanisms to identify and contain malicious activity.
  • Developing, tuning, and investigating security detections using SIEM platforms in an enterprise environment.
  • Analysis of authentication logs, endpoint telemetry, network events, and cloud audit logs.
  • Supporting cybersecurity incident response activities, including triage, scoping, containment, and remediation of incidents.
  • Utilizing scripting languages including Python, PowerShell, and Bash to automate security workflows, analyze security data, enrich security alerts, or support incident investigations.
  • Consuming and applying threat intelligence, including indicators of compromise (IOCs), adversary tactics and techniques, and open-source intelligence, to enhance security detections and investigations.
  • Master’s degree in the above listed fields and five (5) years of experience in the above listed skills.

Responsibilities

  • Serve as a technical lead within the FIS Cyber Threat Hunting (CTH) program.
  • Drive proactive, hypothesis-based threat hunts across endpoint, network, identity, and cloud telemetry.
  • Uncover stealthy adversary activity to reduce attack dwell time.
  • Execute complex investigations using enterprise-level EDR and SIEM platforms.
  • Correlate multi-source evidence to scope, contain, and support remediation for incidents.
  • Document hunt outcomes and investigative conclusions.
  • Translate threat intelligence and adversary TTPs into high-fidelity behavioral analytics mapped to frameworks like MITRE ATT&CK.
  • Partner with Security Operations Center, Penetration Testing Teams, and Detection Engineering stakeholders.
  • Operationalize successful hunts into durable detections and improved response playbooks.
  • Automate and scale hunting and investigative workflows through scripting languages (PowerShell/BASH).
  • Lead threat hunting efforts in newly acquired or integrating M&A environments.
  • Assess unfamiliar architectures, establish baselines, and identify inherited risk and latent compromise in M&A environments.
  • Hunt for pre- and post-acquisition adversary activity.
  • Inform integration and risk-reduction strategies for M&A environments.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service