Threat Hunting/IR Analyst

Threat Hunting/IR Analyst – Remote - Perm - $120,000 - $130,000
The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.

Our Client is seeking a Threat Hunting/IR Analyst for a remote opportunity.

Role Description

Currently seeking a Sr. Associate, Cyber Threat Hunting and Incident Response Analyst to join our Digital Nexus Group organization. This role is a remote work opportunity.

• Perform all phases of the incident response life cycle: preparation, analysis, containment, eradication, remediation, recovery and post-incident activity
• Complete threat hunting in both on-premises and cloud environments
• Define, document, test and manage incident response processes; document processes and procedures in the form of playbooks and reference guides
• Evaluate external threat intelligence sources related to zero-day attacks, exploit kits and malware to determine organizational risk and improve threat detection by incorporating into detection tools
• Conduct host-based (disk and memory) and network forensics; analyze findings to determine root cause and impact
• Develop security monitoring use cases and supporting content for security tools, such as dashboards, alerts, reports and rules, including but not limited to configuring and monitoring the security information and event management (SIEM) platform for security alerts

Skills & Requirements

• 5+ years of Threat Hunting/IR experience in large, complex enterprise environments
• Possess recent experience in security monitoring and incident response activities, preferably within a professional services firm or similar environment
• Possess experience with threat hunting in both on-premises and cloud environments (Azure preferred)
• Possess a solid understanding of network and system intrusion and detection methods (e.g. Splunk, Next Generation Endpoint Protection Platforms (EPP), security information and event management (SIEM), hacking tools, techniques and procedures, etc.)
• Possess experience with coding and analytics, malware analysis, endpoint lateral movement detection methodologies and host forensic tools
• Possess understanding of network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, Linux, open-source software, scripting, SQL and software programming

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume?

Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is an Equal Opportunity Employer including disability/veteran.

In accordance with applicable federal and state law protecting qualified individuals with known disabilities, Hays U.S. Corporation will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.

Drug testing may be required; please contact a recruiter for more information. #1142735


Job Type
Technology & Internet Services
$120,000 - $130,000