AVP, Claims General Liability
Zurich Insurance
Threat Hunting Associate Vice President
MUFG
full-time
Posted on:
Location Type: Hybrid
Location: Jersey City • Arizona, New Jersey • 🇺🇸 United States
Visit company websiteSalary
💰 $104,000 - $131,000 per year
Job Level
JuniorMid-Level
Tech Stack
Cyber SecurityPythonSplunk
About the role
- Focus on proactively hunting for threat actor’s tactics, techniques, procedures, and behaviors based on Threat Intelligence and formed hypotheses
- Use knowledge of networking, operating systems, SIEM, EDR and threat hunting tools to find adversaries, identify gaps in detection and cyber hygiene, and recommend improvements to detection rules
- Assist in incident response with threat actor behavior, IoC based hunting, and track and measure the value of threat hunting activity
- Work closely with a highly skilled team of individuals globally, collaborating across lines of defense, businesses, and technology teams disseminating threat hunting activity and risk mitigation results
- Perform threat hunts using SIEM, EDR and Threat Hunting Tools, based on threat intelligence, threat actor TTPs and IOCs, and Threat Hunting hypotheses
- Weekly/Monthly tracking and reporting of Threat Hunting activity, progress, metrics
- Threat Hunting supporting incident response
- Serve as backup and rotation for Threat and Vulnerability Intelligence functions
- Support audit and regulatory exams
- Administer tools and platforms and related technologies to support Threat Hunting
- Document and maintain processes and procedures
- Presentations to stakeholders and senior leaders
Requirements
- 3+ years of prior Threat Hunting or Incident Response experience
- Proficiency in Python, PowerShell, or Bash for automation, data parsing, and custom tooling
- Experience writing detection logic using SIGMA, YARA, Splunk SPL, or KQL
- Ability to develop and maintain scripts for threat hunting workflows and incident response
- Knowledge of forensic tools like Volatility, Autopsy, FTK, or EnCase
- Experience with Threat or Vulnerability intelligence, assessment, management a plus
- Knowledge of industry standards and frameworks such as NIST, MITRE ATT&CK, TAHITI, PEAK
- Knowledge of SIEM, EDR, Networking, Operating Systems, and Scripting Languages
- 3+ years overall experience working in a global organization
- Minimum of 3 years working directly in Cybersecurity Operations
- Experience working within the Financial Services Industry preferred
- Relevant technical and industry certifications a plus such as CISSP, ISSMP, SANS, GCIA, CISM, EnCE, CEH, GCFA, GCFE, GCIH, or GSEC
Benefits
- comprehensive health and wellness benefits
- retirement plans
- educational assistance and training programs
- income replacement for qualified employees with disabilities
- paid maternity and parental bonding leave
- paid vacation, sick days, and holidays
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Threat HuntingIncident ResponsePythonPowerShellBashSIGMAYARASplunk SPLKQLForensic Tools
Soft skills
CollaborationCommunicationPresentationDocumentationAnalytical Thinking
Certifications
CISSPISSMPSANSGCIACISMEnCECEHGCFAGCFEGCIH
