Experience:
5+ years of experience
Employment Type:
Full time
Posted:
12/26/2017
Job Category:
Information Services
Senior Cyber Security Threat Hunter
(This job is no longer available)

Job Description

This is a permanent full time role.

Senior Cyber Security Threat Hunter

The Senior Cyber Security Threat Hunter will be responsible for creating new detection methodologies as well as incident response and monitoring functions by detecting, disrupting and eradicating the threat actors from enterprise networks.

Our client's expectations for a candidate

  • Splunk certified knowledge manager, certified admin or certified architect.
  • Netflow or PCAP analysis, Linux/Unix, Snort, Windows.
  • Cyber Kill Chain and Diamond Model of Analysis.
  • Experience in creating automated log correlations in Splunk, ELK or a similar tool.
  • CISSP, GIAC, CEH, GCIH, CSIH certifications highly preferred.

Your responsibilities

  • Create new detection methodologies as well as incident response and monitoring functions by detecting, disrupting and eradicating the threat actors from enterprise networks.
  • Design and build custom tools for investigations, hunting and research.
  • Hunt for and identify threat actor groups and their techniques, tools and processes.
  • Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses.
  • Perform root cause analysis of security incidents for further enhancement of alert catalog.
  • Forensic analysis of network packet captures, DNS, Proxy netflow, malware, host-based security and application logs, as well as logs from various types of security sensors.

Position requirements

  • 5+ years of experience in cyber security (IT security, incident response or network security) with deep knowledge of working in a SOC.
  • College degree in Computer Science or related degree, or equivalent job experience.
  • Splunk certified knowledge manager, certified admin or certified architect.
  • Cyber Kill Chain and Diamond Model of Analysis, Netflow, PCAP analysis, Linux/Unix, Snort, Windows, DNS, HTTP, SMB.
  • Scripting/programming language (Perl, Bash or Shell, PowerShell, batch).
  • CISSP, GIAC, CEH, GCIH, CSIH certifications highly preferred.

Please feel free to send your resume to me if this is an opportunity you're interested in.

Qualifications

Applicants must be eligible to work in the specified location