Conduct proactive threat hunts and adversary emulation to identify adversary activity, cyber risks and anomalies.
Identify potential vulnerability exploitation at network, endpoint, application and cloud levels.
Capture samples to perform malware analysis and fundamental reverse engineering.
Analyze scripts and code artifacts in languages such as Powershell, Python, VBScript, C++, HTML, XML, and others necessary for threat identification and response.
Evaluate, analyze and synthesize large quantities of data to uncover anomalous activity capable of introducing risk to North environments.
Work closely with other cybersecurity teams and operational technology owners to investigate anomalous findings, contribute to detection logic improvements and verify security control implementations.
Capture hunt byproducts indicative of poor cyber hygiene practices, company policy violation or misuse.
Define, track, and report key metrics that assess hunt effectiveness, analytic performance, and program maturity.
Design and write scripts to help expedite repetitive tasks or complex detection logic.
Support incident response cases, as needed.
Analyze telemetry across network, endpoint, cloud, and other log sources to differentiate between benign and malicious behavior.

Requirements

Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or relevant equivalent experience.
7+ years of relevant experience (SOC, IR, Malware Research, Red Team).
Strong background in cybersecurity domains including: Vulnerability exploitation detection; Malware identification and Reverse Engineering fundamentals; security content and signature development.
Experience conducting hunts or incident response across networks, endpoints, cloud and application environments.
Demonstrated ability to interpret and write automated scripts and programming code to support detection efforts.
Working knowledge of TTPs used for EDR evasion, vulnerability and zero-day exploitation investigations (network, endpoint, application level).
Knowledge of threat hunting methodologies and hypothesis-driven analytic techniques.
Strong technical background in security tooling and detection engineering principles.
Attention to details and focus on tactical execution.
Relevant certifications (e.g.,SANS GCFA/GNFA/GCTI, OSCP (for offensive knowledge), or CISSP) preferred.

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

PowershellPythonVBScriptC++HTMLXMLmalware analysisreverse engineeringvulnerability exploitation detectiondetection logic development

Soft Skills

attention to detailtactical executioncollaborationanalytical thinkingcommunication

Certifications

SANS GCFASANS GNFASANS GCTIOSCPCISSP