Cyber Threat Management Analyst, Specialist

The Vanguard Group, Charlotte, PA
Hybrid

About The Position

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape. Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.

Requirements

  • 3 - 5 years of experience in threat hunting, detection engineering, incident response, or security operations.
  • Strong understanding of threat actor tactics, techniques, and procedures (TTPs) and modern attack methodologies.
  • Hands-on experience with enterprise telemetry and security platforms (EDR, SIEM, network monitoring, cloud security tools).
  • Proven application of the MITRE ATT&CK framework for threat detection, gap analysis, and adversary mapping.
  • Proficiency in scripting and query languages (Python, PowerShell, KQL, SQL, or equivalent).
  • Experience with data analysis and large-scale investigation workflows.
  • Strong written and verbal communication skills, with the ability to translate technical findings into business-relevant risk.
  • Experience working in cross-functional security teams (SOC, IR, Threat Intelligence, Detection Engineering).

Nice To Haves

  • Relevant certifications (e.g., CISSP, GCFA, GCIH, GCDA, or equivalent) preferred.

Responsibilities

  • Lead proactive threat hunting operations across enterprise environments, including adversary emulations, live hunts, and investigative assessments.
  • Identify anomalous behaviors and translate findings into actionable detections.
  • Apply hypothesis-driven hunting methodologies, leveraging threat intelligence, behavioral analytics, and the MITRE ATT&CK framework to identify gaps in detection and control coverage.
  • Analyze telemetry across the enterprise security stack (endpoint, network, identity, cloud, email, SIEM/XDR) and pivot across datasets to identify advanced threats and hidden attacker activity.
  • Identify and validate adversary techniques, mapping observed activity to ATT&CK and informing improvements to detection logic, alerting, and response workflows.
  • Enhance detection engineering efforts by developing, tuning, and validating rules, analytics, and behavioral detections based on hunt findings and adversary simulations.
  • Leverage scripting and automation (e.g., Python, PowerShell, KQL, SQL) to scale threat hunting activities, enrich data, and improve investigative efficiency.
  • Utilize advanced analytics and AI-assisted techniques to accelerate the identification of suspicious or malicious activity.
  • Collaborate across CSOC and engineering teams to validate findings, operationalize detections, and strengthen defensive capabilities.
  • Produce clear and actionable reporting, including hunt reports, detection gap analyses, and executive summaries that translate technical findings into business risk and recommended actions.
  • Support incident response when required, providing deep investigative expertise, threat context, and rapid escalation of critical findings.
  • Mentor and guide team members, sharing threat hunting methodologies, tooling expertise, and investigative techniques to improve overall team capability and maturity.
  • Continuously evaluate and improve hunt processes, tooling, and methodologies to advance threat hunting maturity and operational effectiveness.

Benefits

  • comprehensive health and wellness care
  • work-life balance
  • an investment in your future