Job Description

Job Title: Cyber Threat Hunter
Job Location: Texas

Responsibilities:

  • Hunt for and identify threat actor groups and their techniques, tools, and processes
  • Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and the results of brainstorming sessions to detect and eradicate threat actors on the company's network
  • Provide expert analytic investigative support of large scale and complex security incidents
  • Perform analysis of security incidents for further enhancement of alert catalog
  • Continuously improve processes for use across multiple detection sets for more efficient TMC operations
  • Document best practices with the TMC staff using available collaboration tools and workspaces
  • Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed
  • Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
  • Research and uncover the unknown about internet threats and threat actors

Required Qualifications:

  • Bachelor’s degree or relevant work experience
  • Relevant technical security certifications (GIAC, EC-Council, Offensive Security, etc.)
  • Six+ years overall IT Infrastructure experience
  • Three+ years of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc.)
  • Experience with several of the following topics:
    • Malware analysis
    • APT/crimeware ecosystems
    • Exploit kits
    • Cyber Threat intelligence
    • Software vulnerabilities and exploitation
    • Data analysis
    • Dark web intelligence
  • Demonstrated knowledge of Linux/UNIX and Windows operating systems
  • Demonstrated knowledge of the Splunk search language, search techniques, alerts, dashboards and report building
  • Experience with Snort, Bro (now Zeek), or other network intrusion detection tools
  • Detailed understanding of the TCP/IP networking stack and network technologies
  • Working knowledge of full packet capture (PCAP) analysis and accompanying tools (Wireshark, etc.)
  • Basic understanding of regular expressions and at least one common scripting language (Perl, Python, PowerShell)
  • Strong collaborative skills and proven ability to work in a diverse global team of security professionals
  • Strong organizational skills
  • Strong verbal and written skills
  • Excellent interpersonal skills

QBH#: 2170

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online