Threat Hunting Specialist - Information security

Summary

We are seeking a highly experienced and proactive Cybersecurity Senior Specialist to join our dedicated threat hunting team. In this senior role, you will be at the forefront of our defence strategy, proactively identifying, isolating, and neutralizing advanced cyber threats before they can impact our organization. You will leverage your deep expertise in security analytics, threat intelligence, and incident response to hunt for sophisticated adversaries within our complex network environments.

Detailed Description

• Proactive Threat Hunting: Develop and execute advanced threat hunting missions using a hypothesis-driven approach. Proactively search for indicators of compromise (IOCs) and indicators of attack (IOAs) across endpoints, networks, and cloud environments.
• Threat Intelligence Integration: Consume, analyze, and operationalize threat intelligence from various sources to inform hunting activities and enhance detection capabilities.
• Advanced Analytics & Tooling: Utilize Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and other security tools to identify anomalous patterns and malicious activity. Develop and refine custom detection rules and analytics.
• Incident Response: Serve as a subject matter expert during high-priority security incidents. Conduct deep-dive forensic analysis to determine the root cause, scope, and impact of breaches.
• Mentorship & Collaboration: Mentor junior analysts, share knowledge with the wider security team, and collaborate with security engineering to improve security posture and close visibility gaps.
• Reporting & Communication: Clearly document and communicate findings, methodologies, and recommendations to both technical and executive stakeholders.

Knowledge/Skills/Competencies

• Technical Expertise:
• Proficiency with security tools such as SIEM (e.g., Splunk, Sumologic, Sentinel), EDR (e.g., CrowdStrike, SentinelOne), and packet capture analysis tools (e.g., Wireshark).
• Strong understanding of the framework and its application in threat hunting.
• In-depth knowledge of operating systems (Windows, Linux, macOS), network protocols (TCP/IP), and cloud security principles (AWS, Azure, GCP).
• Experience with scripting languages (e.g., Python, PowerShell) for automation and analysis.
• Strong understanding of cloud security concepts, platforms (AWS, Azure, GCP).
• Experience in risk and compliance management and process development in the areas of information technology and security
• Advanced knowledge of risk mitigation and business controls
• Excellent problem resolution and creative problem-solving skills
• Excellent project management skills and strong knowledge of change management processes
• Analytical Mindset: Exceptional analytical, problem-solving, and critical-thinking skills with a keen eye for detail.
• Communication: Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.

Physical Demands

• Duties of this position are performed in a normal office environment.

• Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.

Typical Experience

A minimum of 8-10 years of hands-on experience in cybersecurity, with at least 5 years dedicated to threat hunting, incident response, or security operations center (SOC) roles

Typical Education

• Bachelor's Degree in Computer Science, Information Security, or a related field.

• Must have at least 2 of the below certifications:

  o  CompTIA Security+

  o  CompTIA Cybersecurity Analyst (CySA+)

  o  CompTIA Advanced Security Practitioner (CASP+)

  o  Certified Ethical Hacker (CEH)

  o  Offensive Security Certified Professional (OSCP)

• Educational Requirements may vary by Geography

Notes

This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.