Lead Analyst - Hunt Team

As a Lead Analyst on the Hunt team, you’ll be the first line of response as you assess information security events and incidents across our customers’ environments.

Required Experience: 7+ Years

Job Locations: Remote

Location Restrictions: Travel

Basic Qualifications and

In this role, you will collaborate and apply problem-solving skills as you work among a team of skilled analysts to address complex problems and add value to the organization and our customers. The team is looking for a highly motivated individual with a passion for research and for uncovering cybersecurity threats and threat actors.

We are on a mission to protect and defend our customers, enable better risk-informed business decisions, and drive innovation and excellence within Cyber Security. Come be a part of a growing team that is doing important, challenging, and fulfilling work in support of that mission.

Responsibilities
  • The Lead Analyst – Hunt Team provides incident detection and response services for our CyberDNA managed NSM service.
  • Organize and lead proactive threat-based investigations to identify anomalous activity indicative of active compromise, previous compromise, misconfigurations, or other notable observations to support the protection of our customers’ environments.
  • Create, update, and maintain detection methodology and provide expert support (including off hours) to analyze and triage potential incidents.
  • Take work outputs from hunts and investigations and guide customers to take necessary action(s) in order to successfully remediate identified issues.
  • Research new cyber threats, actors, and technologies that impact our customers and industry.
  • Maintain awareness within the threat intelligence community of vulnerabilities being exploited and provide comprehensive assessments on the impact to our environment.
  • Translate threat intelligence into detection and hunting strategies, hypotheses, and queries.
  • Utilize tools and advanced techniques to hunt and identify threats and actor groups and their motives, techniques, tools, and methods.
  • Identify anomalous behavior on the network or endpoint devices of our customers and be able to provide an assessment of threat actor, malware, and other behaviors.
  • Provide one-on-one mentoring to peers and junior analysts; serve as subject matter expert (SME) and escalation point for rest of the team.
  • Develop and administer formal and ad-hoc team training courses.
  • Periodically write and present assessment reports to peers, management, and/or customers.
  • Find the bad guys and generally have fun (and satisfaction) kicking them out of places they shouldn’t be!

Required Skills and Experience
  • Bachelor’s degree in computer science, information security or equivalent practical work experience.
  • 7+ years of hands-on experience responding to cyber-attacks with prior experience in security operations, incident response, cyber threat intelligence, and malware analysis.
  • Thorough understanding of intermediate to advanced security and network concepts (OSI model, TCP/IP networking stack, firewalls, IDS/IPS, other networking technologies, etc.).
  • Excellent technical knowledge of operating systems (e.g., Windows, macOS, Linux/Unix) and a wide range of security technologies (e.g., network security appliances, vulnerability scanners, anti-malware solutions, SIEM tools, advanced threat protection systems, and automated policy compliance and desktop security tools).
  • Familiarity with technologies such as VPN, Active Directory, virtualization platforms, and databases.
  • Detailed working knowledge of network monitoring, system log analysis, troubleshooting, and configuration control technologies.
  • Strong understanding of industry security best practices and standards.
  • Ability to work in a fast-paced, operational, and team-oriented environment (including non-standard work hours in response to Information Security incidents).
  • Ability to demonstrate analytical mindset, close attention to detail, excellent critical thinking, logic, and adaptive learning (while balancing speed and thoroughness).
  • Ability to navigate ambiguity and develop working business relationships.
  • Superior knowledge of common attack methods and their detection techniques.
  • Experience providing managed NSM services to multiple customers is a plus.
  • Understanding of malware analysis and ability to perform basic static and dynamic analysis.
  • Consumption, analysis, and production of tactical threat intelligence.
  • Hands-on experience with firewalls, routers, and other security appliances.
  • Familiarity with security instrumentation and incident response in cloud environments.
  • Experience with McAfee Endpoint Security or other endpoint security tools (e.g., CrowdStrike, Cylance, Tanium, Carbon Black).
  • Professional certification in cyber/information security (GCIA, GCIH, GCFA, CISSP, etc.).
