5+ years of experience
Employment Type:
Full time
Job Category:
Information Services
Senior Cyber Security Threat Hunter
(This job is no longer available)
Job Description


Senior Cyber Security Threat Hunter

Salary: $125k to $132k Flex $150 + 15%

Schaumburg, Chicago - preferred or Tulsa, OK, Knoxville, TN, Madison, WI

Looking for a Cyber Security Threat Hunter with experience in incident response and detection, who can design and build custom tools and perform forensic analysis of network packet captures, DNS, proxy, NetFlow, malware and host-based data. Strong knowledge of SOC operations, detecting advanced adversaries, creating log automation in Splunk or ELK, NetFlow and PCAP analysis, and working across 20-25 different security tools; FOR508 certification a plus.


  • Coordinate threat hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies
  • Design and build custom tools for investigations, hunting, and research
  • Assist in the design, evaluation, and implementation of new security technologies
  • Lead response and investigation efforts into advanced/targeted attacks
  • Hunt for and identify threat actor groups and their techniques, tools and processes
  • Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses
  • Provide expert analytic investigative support of large scale and complex security incidents
  • Perform Root Cause Analysis of security incidents for further enhancement of alert catalog


  • BS in Computer Science or related field, or equivalent experience
  • Industry cyber security certifications, including: CEH, CISSP-ISSEP, CISSP-ISSAP, GIAC Certified Incident Handler (GCIH), Certified Computer Security Incident Handler (CSIH), Splunk Certified Knowledge Manager, Splunk Certified Admin, or Splunk Certified Architect


  • 5+ years of relevant cyber security experience in IT Security, Incident Response or network security with strong knowledge working in a SOC
  • Experience with the incident response process, including detecting advanced adversaries, log analysis using Splunk, ELK, or similar tools, and malware triage
  • Knowledge of the Cyber Kill Chain and the Diamond Model of Analysis
  • Experience with creating automated log correlations in Splunk, ELK, or a similar tool to identify anomalous and potentially malicious behavior
  • Experience with Netflow or PCAP analysis
  • Experience with a common scripting or programming language, including Perl, Python, Bash or Shell, PowerShell, or batch
  • Experience with the Windows file system and registry functions, or with *NIX operating systems and command line tools
  • Knowledge of the underlying logic that security alerts are built upon, and the ability to apply it when analysing raw logs and creating new dashboards and alerts
  • Knowledge of typical behaviors of both malware and threat actors and how common protocols and applications work at the network level, including DNS, HTTP, and SMB


Applicants must be eligible to work in the specified location