Cyber Threat Researcher
Remote, Full-Time, Middle
Salary: 90,000 - 120,000 USD per year
Job Details
- Experience: 4+ years of experience in cybersecurity, with at least 1 year focused on threat hunting or detection engineering
- Required Skills: Python
Requirements
- 4+ years of experience in cybersecurity, with at least 1 year focused on threat hunting or detection engineering.
- History of building custom behavior-based and/or threshold-based detections in customer environments from scratch.
- Capable of identifying and tuning flaws in existing detections to reduce noise with little to no oversight.
- Experience performing hypothesis-driven threat hunts in customer environments.
- Capable of clearly and concisely reporting findings from threat hunts.
- History of attending customer meetings, including those involving senior leadership.
- Working understanding of the MITRE ATT&CK framework.
- Background knowledge in the cyber threat landscape, including threat actors, malware, and evolving TTPs.
- Experience working with cyber threat intelligence analysts/teams to identify new detection opportunities.
- Proficiency with SIEMs, EDR/XDR platforms, and log analysis tools.
- Experience with scripting languages such as Python or PowerShell.
- Enjoy working in a team environment.
- Willingness to learn from more senior team members while mentoring junior team members.
Responsibilities
- Proactively create detection rules to alert SOC analysts of intrusions against customer networks.
- Assist with tuning and enhancing existing detection rules to better defend against evolving threats.
- Support hypothesis-driven threat hunting efforts using security data and intelligence.
- Support threat intelligence objectives by contributing to offensive and defensive threat intelligence reports.
- Research and track adversary TTPs and leverage frameworks such as MITRE ATT&CK.
- Provide technical mentorship to junior threat hunters and SOC analysts.
- Contribute to continuous improvement of detection engineering and hunting methodologies.
- Regularly engage with internal account teams and customers to help strengthen their security posture, identify weaknesses, and report on findings and detection strategies.
- Provide technical insight to internal account teams and customers as needed.
- Collaborate with Incident Response and SOC teams to investigate and contain security incidents.