Senior/Principal Threat Hunting Analyst
Due to continued growth across our client’s cyber division, we are looking to appoint an experienced professional to develop and lead the new threat hunting capability at the heart of our client’s threat hunting service.
The successful applicant will have a true passion for cyber security and a relentless desire to stay ahead of adversaries, evidenced by significant continuous professional development. You will have the ability to shape the service, developing and leading a team, including training and coaching junior cyber analysts, and developing the threat hunting capability from Level 1 to Level 2 and beyond (ref. UK Government Threat Hunting Capability Maturity Model, “Detecting the Unknown: A Guide to Threat Hunting”, v2.0, March 2019).
Key Accountabilities Include:
- Proactively search for and detect advanced persistent attacks under way on a system
- Reverse engineer and analyse attacks (including malware) to understand their tools, methods and root causes
- Create hypotheses and investigate them using modern tools and techniques
- Create use cases for detecting new threats, either as a result of research, collaboration (e.g. red/purple teaming), Threat Intelligence (TI), in response to incidents, or using your intuition
- Engage in research projects regarding detection methods
- Summarise findings in the form of blogs, reports or whitepapers, tailoring the technical content to suit the intended audience
- Lead a team that does all of this in a complex organisational environment, drawing on expertise from other areas as required
- Deliver effectively in an operational environment fully integrated with our other cyber security services, meeting targets and delivering to service level agreements
- Develop the maturity of the Threat Hunting capability
- Coach and train more junior cyber analysts to become capable threat hunting analysts
The successful candidate will have experience of working in an information security role in an operational environment and will be able to proactively detect Advanced Persistent Threats (APTs), as well as hacktivists, ‘script kiddies’ and other adversaries.
You will have experience using threat hunting tools, big data platforms and Security Information and Event Management (SIEM) systems, ideally both Splunk and LogRhythm.
You will have the ability to lead a service and to work effectively alongside individuals with varying levels of experience, adapting quickly to the challenges of the role.