
Threat Hunter

Company: Diverse Lynx
Location: Billerica
Posted on: November 24, 2022

Job Description:

Role: Threat Hunter
Location: Billerica, MA (Initial remote but candidate should relocate to client location at later time.)
Contract: 11 Months
5 Years of Experience

Primary responsibilities

The primary responsibility of the Cyber Threat Hunter is to proactively investigate security events to identify artifacts of a cyber-attack. Threat Hunters will also be expected to participate in several different areas within the Security Operations and Incident Response process; these activities include use-case development, malware reversing and analysis, digital forensics, and hunt plan development.

Assist with developing core foundational components of the Threat Hunting program.
Dedicate primary daily focus to hunt client environment for threats and anomalies with intelligence gathered from CTI sources.
Develop content that will drive SOC monitoring and detection (use cases, priority, actionable and relevant intelligence); this includes the creation of Threat Hunting Products (CTITH) to describe and detail analysis.
Develop processes and procedures for tactical information collection, analysis and dissemination.
Support the Team(s) by ensuring assignments are handled and completed in a timely fashion.
Provide feedback on processes and procedures to include improvements and evergreen process.
Follow all processes and procedures outlined in the Wiki.
Keep up to date with threat actor TTPs.
Develop greater holistic insight and adversarial mapping from specific IOCs to the attacks and attackers behind them.
Develop a repository of SOPs, playbooks, and checklists for hunting that align to MITRE ATT&CK techniques and the availability of current data.
Integrate Offensive Intelligence testing methodology and high-level findings.
Save past "hunts" or queries for tracking and collaboration purposes (saved work can transform one-time hunts into persistent queries).
Assist with Brand Monitoring Intelligence analysis and investigations when requested.
Assist with Incident Response analysis and investigations when requested.
Qualifications
Minimum qualifications

Relevant experience in a technical security role in one of the following areas: threat detection, incident response, malware analysis, exploit development, and/or red team experience.
Strong understanding of incident response process, specifically with detection and containment.
Working knowledge of the Cyber Kill Chain Model, Diamond Model, Course of Action Matrix, and MITRE ATT&CK Matrix and how each methodology can be applied to threat hunting.
Experience in detecting advanced attack methodologies via log analysis and/or endpoint tools. Experience using event management tools (for example ArcSight, Splunk, or QRadar) for analysis and use case development.
Understanding of packet analysis and how deep packet inspection toolsets can be used to support threat identification.
Experience with at least one common scripting or programming language, such as Python, JavaScript, and/or PowerShell.
Strong understanding of the Windows file system and registry functions or *NIX operating systems and command line tools.
Knowledge of common tactics used by attackers and methods for detection.
Capable of developing detection signatures (YARA, SNORT).
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

