Sr Threat Hunter

NorthAB LLC

About The Position

Sr. Threat Hunter North- Eastern Time Zone Only What you'll be doing: Conduct proactive threat hunts and adversary emulation to identify adversary activity, cyber risks and anomalies. Identify potential vulnerability exploitation at network, endpoint, application and cloud levels. Capture samples to perform malware analysis and fundamental reverse engineering. Analyze scripts and code artifacts in languages such as Powershell, Python, VBScript, C++, HTML, XML, and others necessary for threat identification and response. Evaluate, analyze and synthesize large quantities of data to uncover anomalous activity capable of introducing risk to North environments. Work closely with other cybersecurity teams and operational technology owners to investigate anomalous findings, contribute to detection logic improvements and verify security control implementations. Capture hunt byproducts indicative of poor cyber hygiene practices, company policy violation or misuse. Define, track, and report key metrics that assess hunt effectiveness, analytic performance, and program maturity. Design and write scripts to help expedite repetitive tasks or complex detection logic. Support incident response cases, as needed. Analyze telemetry across network, endpoint, cloud, and other log sources to differentiate between benign and malicious behavior.

Requirements

Education: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or relevant equivalent experience.
Experience: 7+ years of relevant experience (SOC, IR, Malware Research, Red Team).
Strong background in cybersecurity domains including: Vulnerability exploitation detection; Malware identification and Reverse Engineering fundamentals; security content and signature development
Experience conducting hunts or incident response across networks, endpoints, cloud and application environments.
Demonstrated ability to interpret and write automated scripts and programming code to support detection efforts.
Working knowledge of TTPs used for EDR evasion, vulnerability and zero-day exploitation investigations (network, endpoint, application level).
Knowledge of threat hunting methodologies and hypothesis-driven analytic techniques.
Strong technical background in security tooling and detection engineering principles
Attention to details and focus on tactical execution

Nice To Haves

Relevant certifications (e.g.,SANS GCFA/GNFA/GCTI, OSCP (for offensive knowledge), or CISSP) preferred.

Responsibilities

Conduct proactive threat hunts and adversary emulation to identify adversary activity, cyber risks and anomalies.
Identify potential vulnerability exploitation at network, endpoint, application and cloud levels.
Capture samples to perform malware analysis and fundamental reverse engineering.
Analyze scripts and code artifacts in languages such as Powershell, Python, VBScript, C++, HTML, XML, and others necessary for threat identification and response.
Evaluate, analyze and synthesize large quantities of data to uncover anomalous activity capable of introducing risk to North environments.
Work closely with other cybersecurity teams and operational technology owners to investigate anomalous findings, contribute to detection logic improvements and verify security control implementations.
Capture hunt byproducts indicative of poor cyber hygiene practices, company policy violation or misuse.
Define, track, and report key metrics that assess hunt effectiveness, analytic performance, and program maturity.
Design and write scripts to help expedite repetitive tasks or complex detection logic.
Support incident response cases, as needed.
Analyze telemetry across network, endpoint, cloud, and other log sources to differentiate between benign and malicious behavior.