Lead, Threat Hunter

Flock Safety
$150,000 - $190,000 · Remote

About The Position

We are looking for a Lead, Threat Hunter. As someone with over 10 years of cybersecurity experience, at least 5 of those years in the trenches focused on DFIR/Threat Hunts, you will focus on defining and maturing the Adversary Pursuit program. As the function’s analytic lead, you will direct and manage threat hunts, technical table top exercise development, and tactical threat intelligence. You’ll identify and prioritize opportunities for improvement based on findings from these areas. You’ll work closely with our Offensive Security team to ensure a high level of efficacy in our ability to detect threats, and assist the Security Operations team with improvements to our response capabilities. This is a critical role that will be responsible for developing new methods to search and detect threats across a rapidly scaling, high-value public-private safety network. You will be responsible for defining and executing hunts, determining and prioritizing visibility and detection gaps, and when necessary, assisting with response operations across thousands of deployed hardware devices, extensive cloud infrastructure, and core business applications. You will help with the creation of technical exercises against Flock’s full technology stack (hardware, software, cloud, network) to help increase preparedness and readiness. This role reports to the Director, Incident Response and Adversary Pursuit. Success in this role will be measured by the development and execution of our threat hunt capabilities, ability and effectiveness to detect prioritized threats, and improved readiness to respond (through metrics such as MTTD).

Requirements

  • 10 years of cybersecurity experience
  • 5 of those years in the trenches focused on DFIR/Threat Hunts

Responsibilities

  • Mold the long-term threat hunting roadmap, including strategy, data ingestion requirements, and coverage metrics.
  • Provide operational oversight during threat hunts, ensuring objectives are defined, hunt methodology is established and timeframes are met.
  • Mentor and guide junior analysts in hunting methodologies, query optimization, and forensic analysis.
  • Deep technical expertise in performing DFIR and adversary threat hunts, across diverse environments (corporate systems, cloud - AWS/GCP/Azure, and operational technology networks).
  • Strong experience performing DFIR on Android IoT devices.
  • Extensive experience utilizing enterprise security tooling (SIEM, EDR, etc.) as well as developing proprietary tools/scripts to scale the team’s capabilities.
  • Experience utilizing sandboxing technology to aid in the analysis of suspicious binaries and scripts; hands-on reverse engineering experience a plus.
  • Map findings to the MITRE ATT&CK framework to identify coverage gaps and improve detection posture.
  • Well versed in using cyber threat intelligence to update requirements, prioritize collection sources and integrate technical TTPs to inform and prioritize hunts.
  • Create and tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma) based on hunt findings to prevent future recurrence.
  • Assist with the development of technical table top exercises, ensuring scenarios are applicable to the organization’s risk profile and aligned with real-world cyber events.
  • Collaborate with Cybersecurity, Engineering, and Product teams to help plan and execute threat hunts, providing detailed findings and data-backed recommendations for cybersecurity and architectural improvements.
  • Work closely with the Offensive Security team to help perform regular testing and validation of custom detection rules.
  • Serve as a Tier 3 escalation point for SOC analysts; perform deep-dive root cause analysis on complex security incidents.

Benefits

  • Flexible PTO: We offer non-accrual PTO, plus 11 company holidays.
  • Fully-paid health benefits plan for employees: including Medical, Dental, and Vision and an HSA match.
  • Family Leave: All employees receive 12 weeks of 100% paid parental leave. Birthing parents are eligible for an additional 6-8 weeks of physical recovery time.
  • Fertility & Family Benefits: We have partnered with Maven, a complete digital health benefit for starting and raising a family. Flock will provide a $50,000-lifetime maximum benefit related to eligible adoption, surrogacy, or fertility expenses.
  • Spring Health: Spring Health offers a variety of mental health benefits, including therapy, coaching, medication management, and digital tools, all tailored to each individual's needs.
  • Caregiver Support: We have partnered with Cariloop to provide our employees with caregiver support.
  • Carta Tax Advisor: Employees receive 1:1 sessions with Equity Tax Advisors who can address individual grants, model tax scenarios, and answer general questions.
  • ERGs: We want all employees to thrive and feel like they belong at Flock. We offer four ERGs today - Women of Flock, Flock Proud, LEOs and Melanin Motion. If you are interested in talking to a representative from one of these, please let your recruiter know.
  • WFH Stipend: $150 per month to cover the costs of working from home.
  • Productivity Stipend: $300 per year to use on Audible, Calm, Masterclass, Duolingo and so much more.
  • Home Office Stipend: A one-time $750 to help you create your dream office.
© 2024 Teal Labs, Inc