Cyber Threat Hunt Lead

SOSi, Ashburn, VA

About The Position

This position is contingent upon contract award.

SOSi is seeking highly qualified senior professionals to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. These roles deliver leadership, operational oversight, and technical expertise across cyber defense, incident response, intelligence, engineering, and modernization activities.

Job Description

Leads hypothesis-driven threat hunting across enterprise environments, leveraging CTI to define TTP-focused hunts and collaborating with detection engineering, IR, and asset owners to validate and remediate findings.

Requirements

  • Five (5) years' experience as a Tier III senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal.
  • Five (5) years of hands-on experience, including experience within the last two (2) years with network-based security monitoring using cybersecurity capabilities.
  • Possess a strong cyber security background with experience in host and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, malware identification, and security content development (e.g., signatures, rules, etc.).
  • Experience interpreting scripts to support cyber threat detection in a variety of formats, such as VB scripts, Python, C++, and HTML, XML or other types needed for analysis.
  • Experience in conducting cyber threat hunt analysis, utilizing cyber threat intelligence to identify and prioritize tactics, techniques, and procedures to hunt against.
  • Deep knowledge of capabilities and experience with Security Information and Event Management (SIEM) and networked-device management tools such as Splunk and Tanium.
  • Experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threat actors and activities to enhance the cybersecurity posture of the organization's IT operating environment.
  • CISSP
  • TS, SCI-eligible.

Responsibilities

  • Plan and execute TTP-based hunts; pivot across host/network telemetry to discover unknown threats.
  • Develop/interpret detections and analytics, coordinate remediation with asset owners and IR.
  • Work with the Cyber Threat Intelligence team to report significant findings of importance to leadership as well as coordinate with asset owners to deconflict findings.
  • Lead the Cyber Threat Hunt team to propose corrective actions and inform the necessary parties of security issues, reportable offenses, or cybersecurity best practices.