Threat Hunter

Role & responsibilities

• Operate within a 24/7 Security Operations Center (SOC) environment to provide continuous threat hunting and analysis, ensuring proactive identification of potential security threats.
• Conduct thorough investigations on identified threats, utilizing threat intelligence, behavioral analysis, and anomaly detection to uncover potential security incidents.
• Develop and maintain threat hunting playbooks and standard operating procedures (SOPs) for consistent and effective threat detection and response.
• Utilize advanced threat detection techniques and tools, including endpoint detection and response (EDR), network traffic analysis, and forensic analysis, to identify and neutralize threats.
• Generate detailed incident reports documenting threat analysis, actions taken, and lessons learned for future reference and continuous improvement.
• Participate in red team/blue team exercises o enhance threat detection and response capabilities and identify potential weaknesses in the organization's security posture.
• Stay informed about current threat landscapes, emerging attack techniques, and threat actor tactics, techniques, and procedures (TTPs).
• Assist in developing and fine-tuning security use cases and detection rules to improve the organization's threat detection capabilities.
• Contribute to the continuous improvement of the SOC by suggesting enhancements to processes, tools, and threat detection capabilities.

Skills:

• Threat Hunting
• Advanced Threat Detection
• Incident Investigation
• Behavioral Analysis
• Network Traffic Analysis
• Endpoint Detection and Response (EDR)
• Communication Skills
• Threat Intelligence Analysis
• Incident Triage and Response
• Forensic Analysis

Certifications (Optional but beneficial):

• GIAC Certified Incident Handler (GCIH)
• Certified Threat Intelligence Analyst (CTIA)
• CompTIA Cybersecurity Analyst (CySA+)
• Offensive Security Certified Professional (OSCP)
• Certified Information Systems Security Professional (CISSP)