Senior Adversary Hunter - Capabilities Development

Posted about 1 month ago
135000 USD per year
United States, Full-Time, ICS/OT Cybersecurity
Company: Dragos
Location: United States, EST, PST
Languages: English
Seniority level: Senior, 2-3 years
Experience: 2-3 years
Skills:
Python, Software Development, Cybersecurity, Data Analysis, C#, JQL, RESTful APIs, Documentation, Scripting, Debugging, Research, Troubleshooting
Requirements:
2-3 years of experience in Capabilities Development, Threat Hunting, Network-Based Intrusion Analysis, Vulnerability Analysis, and/or Detections Development.
Experience with software development in C#, Python, or similar languages.
Familiarity with pivoting across the Diamond Model, all stages of the Kill Chain, and MITRE ATT&CK.
Strong report writing skills, with experience producing technical intelligence reports for operational teams and customer-facing audiences.
Demonstrated knowledge of adversarial Threat Groups, including tactics, techniques, procedures, and the adversary lifecycle.
Experience contributing to cross-functional projects and collaborating with internal and external teams.
Knowledge of network analysis and common malware functionality and operations.
Responsibilities:
Contribute to the development of complex features that enhance system performance, reliability, and usability.
Author design documentation for small-to-medium projects, collaborating closely with threat hunt, research, intelligence, product and engineering teams.
Support technical excellence by refining coding standards, build processes and testing frameworks.
Diagnose and resolve complex defects, delivering robust solutions independently.
Communicate progress clearly, present demos, and coordinate timely feature releases within the team.
Support multiple Threat Groups and TATs concurrently, contributing to WorldView reporting and Synapse-based assessments.
Assist in representing the team in Year in Review and webinars, preparing materials and supporting senior SMEs.
Improve and document analysis methodologies, identify opportunities for automation in Synapse, and recommend solutions to visibility gaps in telemetry and data sources.
Apply expertise in network telemetry tools (e.g., NetFlow, Censys, Shodan) and file-based analysis platforms (e.g., VirusTotal, Joe Sandbox) to support threat hunting and adversary tracking.
Utilize Synapse and Storm Query Language for data modeling, threat hunting, and investigative workflows, while contributing to improvements in data interrogation tools.
Contribute to external intel-sharing relationships aligned with assigned industries, supporting senior staff in fostering collaboration.
Provide hunting support during surge events and incident response engagements, including triage under supervision.