Finding the best job has never been easier
Share
**Key Responsibilities:**
1. **Proactive Threat Hunting:** Demonstrate ability to author custom detection analytics used to hunt behavioral TTPs identified via hypothesis generation and informed by actionable cyber threat intelligence.
2. **SIEM & Hunt Platform Expertise:** Leverage Splunk and various multi-data hunt platforms to perform in-depth analysis of security logs, events, and alerts to uncover anomalous behavior and potential security breaches.
3. **Security Data & Logging:** Display expert knowledge of security technologies, including for cloud environments, and related data sets that enable cyber threat hunt operations including EDR, DNS, OS, AV, etc.
4. **Data Management:** Direct experience working with large and complex datasets and log analysis tools including but not limited to: Splunk, Python, Pandas, SQL, Hadoop, Hue.
5. **Incident Response Support:** Collaborate with incident response teams to investigate and respond to security incidents promptly and effectively.
6. **Stakeholder Engagement:** Liaise with numerous stakeholders across a multitude of lines of business (LOB) cognizant of the unique security and data considerations of each customer while delivering the Cyber Threat Hunt service.
7. **Tool Development:** Develop and maintain custom scripts, queries, and detection rules to enhance threat hunting capabilities and improve overall detection efficacy.
8. **Threat Intelligence Integration:** Integrate threat intelligence reporting and feeds into the threat hunting process as well as an operational understanding of the Mitre ATT&CK framework and its application to cyber threat hunting.
9. **Documentation and Reporting:** Document findings, analysis, and recommendations in clear and concise reports for both technical and non-technical stakeholders.
10. **Global Workforce:** Ability to navigate and work effectively across a complex, geographically dispersed organization.
**Qualifications:**
1. Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent work experience).
2. Minimum of 7 years of experience in cybersecurity, with a focus on threat hunting, incident response, digital forensics, and/or cyber threat intelligence.
3. Proven expertise in utilizing Splunk for log analysis, data visualization, and custom query development.
4. Strong understanding of SIEM technologies and their role in cybersecurity operations.
5. Experience with scripting languages such as SPL, Python, PowerShell, or Bash for automation and tool development.
6. Excellent analytical and problem-solving skills with a keen eye for detail.
7. Strong communication and collaboration skills, with the ability to effectively interact with both technical and non-technical stakeholders.
8. Relevant certifications such as Splunk Certified User/Power User, GIAC Certified Incident Handler (GCIH), or equivalent certifications are a plus.
We win with inclusion
PhiladelphiaJob Segment:ERP, Cloud, CRM, Supply Chain Manager, Computer Forensics, Technology, Operations, Security
These jobs might be a good fit