• Permanent role
• Office hours
• Threat hunting and investigations experience.

We are seeking a skilled and experienced Threat Hunter to join our growing Security Operations team. The ideal candidate will be a proactive and resourceful individual with a passion for identifying and neutralizing advanced threats. This role requires a deep understanding of threat hunting methodologies, a strong analytical mindset, and exceptional communication skills.

Responsibilities

• Conduct proactive threat hunting activities across various environments (endpoints, networks, cloud).
• Develop and maintain threat hunting hypotheses based on current threat intelligence and organizational risk assessments.
• Leverage various threat hunting techniques, including but not limited to, YARA rules, IOC analysis, and behavioral analysis.
• Develop custom scripts and tools to automate threat hunting processes and improve efficiency.
• Analyze security logs, network traffic, and endpoint data to identify malicious activity and potential threats.
• Investigate security incidents and provide detailed reports on findings, including root cause analysis and remediation recommendations.
• Collaborate with other security teams (incident response, vulnerability management, etc.) to share threat intelligence and coordinate security efforts.
• Develop and manage Cyber Threat Intelligence while staying up-to-date on the latest threat landscape, attack techniques, and emerging technologies.
• Present findings and recommendations to technical and non-technical audiences.
• Contribute to the development and improvement of threat hunting strategies and processes.
• Develop and maintain a strong understanding of the organization's infrastructure and applications.

Requirements :

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• 3+ years of experience in cybersecurity, with a minimum of 1-2 years focused on threat hunting.
• Strong understanding of various operating systems (Windows, Linux, macOS).
• Experience with various security tools and technologies (SIEM, EDR, network monitoring tools).
• Proficiency in scripting languages (Python, PowerShell).
• Strong analytical and problem-solving skills.
• Excellent communication and presentation skills.
• Experience with threat intelligence platforms and feeds.
• Relevant security certifications (e.g., SANS GIAC, GNFA, GCFA, Offensive Security, etc).
• Experience with cloud security (AWS, Azure, GCP) is a plus.

(EA Licence No. 14C7000)

(EA Personnel Registration No : R1110355)