Senior Adversary Hunter - Capabilities Development

Posted 16 days ago
135000 USD per year
Tags: North America, Europe, Middle East, APAC, Full-Time, ICS/OT Cybersecurity
Company: Dragos
Location: North America, Europe, Middle East, APAC, EST, PST
Languages: English
Seniority level: Senior, 2-3 years
Experience: 2-3 years
Skills:
Python, Software Development, Cybersecurity, Data Analysis, C#, JQL, RESTful APIs, Documentation, Research, Troubleshooting, Scripting, Debugging
Requirements:
2–3 years of experience in Capabilities Development, Threat Hunting, Network-Based Intrusion Analysis, Vulnerability Analysis, and/or Detection Development.
Experience with software development in C#, Python, or similar languages.
Familiarity with pivoting across the Diamond Model, all stages of the Kill Chain, and MITRE ATT&CK.
Strong report writing skills, with experience producing technical intelligence reports for operational teams and customer-facing audiences.
Demonstrated knowledge of adversarial Threat Groups, including tactics, techniques, procedures, and the adversary lifecycle.
Experience contributing to cross-functional projects and collaborating with internal and external teams.
Knowledge of network analysis and common malware functionality and operations.
Responsibilities:
Contribute to the development of complex features enhancing system performance, reliability, and usability.
Author design documentation for small-to-medium projects, collaborating closely with cross-functional teams.
Refine coding standards, build processes, and testing frameworks.
Diagnose and resolve complex defects independently.
Communicate progress, present demos, and coordinate feature releases.
Support multiple Threat Groups and TATs concurrently, contributing to WorldView reporting and Synapse-based assessments.
Assist in representing the team in Year in Review and webinars.
Improve and document analysis methodologies, identify automation opportunities in Synapse, and recommend solutions for visibility gaps.
Apply expertise in network telemetry tools (e.g., NetFlow, Censys, Shodan) and file-based analysis platforms (e.g., VirusTotal, Joe Sandbox).
Utilize Synapse and Storm Query Language for data modeling, threat hunting, and investigative workflows.
Contribute to external intel-sharing relationships aligned with assigned industries.
Provide hunting support during surge events and incident response engagements, including triage under supervision.