Serve as a technical lead within the FIS Cyber Threat Hunting (CTH) program, driving proactive, hypothesis-based threat hunts across endpoint, network, identity, and cloud telemetry to uncover stealthy adversary activity, leading to reductions in attack dwell time in the FIS environment. Execute complex investigations using enterprise-level EDR and SIEM platforms, correlate multi-source evidence, and rapidly scope, contain, and support remediation for incidents including malware, credential compromise, and unauthorized access, while clearly documenting hunt outcomes and investigative conclusions. Translate threat intelligence and adversary TTPs into high-fidelity behavioral analytics mapped to frameworks such as MITRE ATT&CK. Partner with the Security Operations Center, Penetration Testing Teams, and Detection Engineering stakeholders to operationalize successful hunts into durable detections and improved response playbooks. Automate and scale hunting and investigative workflows through scripting languages (PowerShell/BASH), enrichment, and data analysis to improve speed, consistency, and signal quality. Lead threat hunting efforts in newly acquired or integrating M&A environments, where you will be required to rapidly assess unfamiliar architectures, establish baselines, and identify inherited risk and latent compromise. Hunt for pre- and post-acquisition adversary activity while informing integration and risk-reduction strategies.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Senior