In this highly visible role, you will perform research and analysis searching for indications of advanced threat actors present on the network. You will analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise. You will work with the Cyber Security Research and Development team to operationalize new and innovative techniques for discovering advanced threat actors, and within Global Information Security in the Cyber Security Defense organization to ensure there are good data sources to enrich hunting capabilities.
- 4-7 years of background in information security, cyber security or network engineering.
- Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.
- Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
- Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
- Ability to analyze and normalize logs and perform automated log correlation using big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
- Strong experience with digital forensics on host or network from a malware perspective; ability to identify anomalous behavior on network or endpoint devices.
- Experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM, DLP, insider threat, etc.).
- Self-starting, organized, proactive, and requiring minimal management oversight.
- Ability to quickly learn new and complex concepts.
- Strong analytical skills/problem solving/conceptual thinking/attention to detail.
- Ability to work effectively with peers and multiple levels of management.
- Well organized, thorough, with the ability to balance and prioritize competing priorities.
- Excellent verbal and written communication skills across multiple levels of the organization.
- A passion for cyber threat hunting, research, and uncovering the unknown about threats and threat actors.
- Bachelor's degree in Computer Science.
- Ability to effectively code in a scripting language (Python, Perl, etc.).
- Ability to understand big data and query languages (Splunk, SQL, etc.).
- Experience with either Red team or Blue team operations and the ability to think like both an attacker and a defender.
- Experience setting up infrastructure to support Hunt Team operations.
- Previous experience working in the financial industry.