Threat Hunt Lead

About The Position

Requirements

• Required Certifications GCIA, GCIH or GFCA OR CEH
• Education, Background, and Years of Experience Bachelor’s degree in computer science, Engineering, STEM, Information Technology, or Cybersecurity
• A minimum of five (5) years of experience as a Tier 3 senior cyber threat hunt analyst performing threat analysis, technical analysis, and network asset traversal.
• A minimum of five (5) years of hands-on experience with experience in the last two (2) years that includes host and network-based security monitoring using cybersecurity capabilities.
• Applicant will possess a strong cyber security background with experience in host and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, malware identification, and security content development (e.g., signatures, rules, queries etc.).
• Shall have experience interpreting a variety of scripts or programming languages to support cyber threat hunts or malware analysis in a variety of formats, such as VB scripts, Python, PowerShell, JavaScript, and HTML, XML or other types needed for analysis.
• Candidates will have experience in conducting cyber threat hunt analysis, utilizing cyber threat intelligence to identify and prioritize tactics, techniques, and procedures to hunt against.
• Have a deep knowledge of capabilities and experience with security information and event management (SIEM) and networked-device management tools such as Splunk and EDR solutions.
• Candidates will have experience in maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization’s IT operating environment.
• Will work with the Cyber Threat Intelligence team to report significant findings of importance to leadership as well as coordinate with Pentest team and asset owners to deconflict findings.
• Candidate will lead the Cyber Threat Hunt team to propose corrective actions and inform the necessary parties of security issues, reportable offenses, or cybersecurity best practices.
• Candidate will have strong written and oral communication skills

Nice To Haves

• GFCA, GREM, GFNA,OSCP, GPEN

Responsibilities

• Leads threat hunting across large enterprise environments, leveraging cyber threat intelligence (CTI) to design TTP or hypothesis hunts and collaborating with detection engineering, incident response, and asset owners to validate and remediate findings.
• Plan, schedule and execute hunts based on adversary tactics, techniques, and procedures (TTPs); pivot across host, cloud and network telemetry to uncover unknown threats.
• Develop and interpret detections and analytics, coordinate remediation efforts with asset owners and incident response teams.
• Communicate significant findings to USG leadership; maintain a prioritized hunt backlog and track success metrics.