Cyber Threat Detection and Hunting, AVP
About The Position
In this role you will focus on proactively hunting for threat actor's tactics, techniques, procedures, and behaviors based on Threat Intelligence and formed hypotheses. You will use your knowledge of networking, operating systems, SIEM, EDR and threat hunting tools to find adversaries, identify gaps in detection and cyber hygiene, and recommend improvements to detection rules. You will assist in incident response with threat actor behavior, IoC based hunting, and track and measure the value of threat hunting activity. You will work closely with a highly skilled team of individuals globally, collaborating across lines of defense, businesses, and technology teams disseminating threat hunting activity and risk mitigation results. This is a 24/7 Cybersecurity Operations organization so you may be occasionally required to perform threat hunting work after hours or on weekends in support of a cyber incident or other threat related requirement.
Requirements
- 3+ years of prior Threat Hunting or Incident Response experience
- Proficiency in Python, PowerShell, or Bash for automation, data parsing, and custom tooling.
- Experience writing detection logic using SIGMA, YARA, Splunk SPL, or KQL.
- Ability to develop and maintain scripts for threat hunting workflows and incident response.
- Knowledge of forensic tools like Volatility, Autopsy, FTK, or EnCase.
- Knowledge of industry standards and frameworks such as NIST, MITRE ATT&CK, TAHITI, PEAK
- Knowledge of SIEM, EDR, Networking, Operating Systems, and Scripting Languages
- 3+ years overall experience working in a global organization
- Minimum of 3 years working directly in Cybersecurity Operations
- Experience working within the Financial Services Industry preferred
- Relevant technical and industry certifications a plus such as CISSP, ISSMP, SANS, GCIA, CISM, EnCE, CEH, GCFA, GCFE, GCIH, or GSEC
Responsibilities
- Perform threat hunts using SIEM, EDR and Threat Hunting Tools, based on threat intelligence, threat actor TTPs and IOCs, and Threat Hunting hypotheses
- Weekly/Monthly tracking and reporting of Threat Hunting activity, progress, metrics
- Threat Hunting supporting incident response
- Serve as backup and rotation for Threat and Vulnerability Intelligence functions
- Support audit and regulatory exams
- Administer tools and platforms and related technologies to support Threat Hunting
- Document and maintain processes and procedures
- Presentations to stakeholders and senior leaders
Benefits
- comprehensive health and wellness benefits
- retirement plans
- educational assistance and training programs
- income replacement for qualified employees with disabilities
- paid maternity and parental bonding leave
- paid vacation, sick days, and holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Industry
Securities, Commodity Contracts, and Other Financial Investments and Related Activities
Education Level
No Education Listed
