Principal, Cyber Security Threat Management
Sorry, this job was removed at 11:33 a.m. (CST) on Tuesday, July 19, 2022
- Plan, scope, lead and participate in threat hunt missions, using threat intelligence, independent research, previously identified suspicious or anomalous activity, previous events/incidents (simulated or real) and brainstorming sessions.
- Independently research emerging threats and adversary TTPs in preparation for and support of threat hunt missions.
- Convert intelligence into actionable threat hunting hypotheses and suppositions.
- Develop KQL queries and/or leverage other security tools to hunt for anomalous or malicious behavior within large sets of data.
- Analyze results of hunts to identify and report on security threats or risks. Provide mitigation, best practices, and technical control recommendations, when possible.
- Identify, research, and recommend/implement improvements to logging, monitoring and detection capabilities against emerging threats.
- Assist NTC3 as a member of the IR team during major incidents by providing advanced event and incident analysis and, when needed, forensic analysis.
- Identify and/or develop opportunities for workflow automation.
- Create and deliver presentations and trainings to audiences of all levels.
- Train and mentor junior threat hunters.
Desired Skills
- Strong attention to detail
- Self-motivated individual who will take ownership of tasks and projects
- Familiar with adversary techniques and attack lifecycles
- Understanding of threat hunting methodologies
- Ability to be discreet and exercise judgment while performing job duties
Desired Experience
- Bachelor's degree in a relevant field or comparable work experience
- Experience defending or responding to simulated or real-world attacks
- Experience with MITRE ATT&CK Framework
- 5+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team
- Technical security certifications (e.g., OSCP, SANS GIAC, CISSP)