Senior Threat Hunter

CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter - and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.

**CyberProof **is part of the UST Global family. Some of the world's largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

**Expectations from this role**:

- Proactively drive hunting and analysis against the available dataset to look for indicators of security breaches
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack techniques, to form hunting workflows and mitigation steps
- Design and implement data mining techniques to extract meaningful insights from large data sets
- Collaborate with the incident response team to develop EDR-based detection and response workflows
- Perform analysis on data sets from various sources including, network, endpoint, and cloud environments
- Develop and maintain an understanding of the latest cybersecurity technologies, trends and threats
- Participate in the development of reports and dashboards that provide insights into the cybersecurity posture of the client
- Collaborate with cross-functional teams to develop and implement new tools and techniques to enhance cybersecurity analytics

**Typical performance measures**:

- Managing customer records from several perspectives: routine meetings and engagements with customer’s stakeholders, identifying security issues in the environment, scheduling and managing hunting activities across a calendar, preparations and executing of hunting activities, creating timely reports, etc.
- Collaborate with other teams to locate research initiative
- Conduct deep technical research on security breaches

**Performance Areas**:

- Operating under “Hunter’s state of mind” to be proactive and leverage data into hunting workflows
- Manage customer records to set hunting activities on a scheduled basis
- Innovate new processes and workflows to deploy proactivity in all aspects to address complex threats and risks

**Requirements**:

- Proven experience of 5+ years in Cyber Threat Hunter or Incident Response, including high skills in forensics and investigation of the network, endpoint, and cloud logs
- Deep and proven knowledge and understanding of attacks and compromise footprints
- Deep and proven knowledge of baseline operating system internals, network communications, and user behavior
- Critical thinking, problem-solving skills, and innovative way of thinking
- Action-oriented and have a proactive approach to solving issues
- Excellent written and verbal communication skills
- Excellent organization, time management, and attention to detail
- Ability to use forensic tools and analysis methods to detail nearly every malicious action
- Ability to conduct endpoint security and Windows artifact analysis: Registry hives, Event Log files, File system analysis, etc.
- Ability to conduct network security and understand TCP/IP component layers and distinguish normal from abnormal network traffic
- Ability to conduct cloud security (Cloud Storage File and Metadata Examinations)
- Ability to do malware analysis using the sandbox to identify and analyze suspicious artifacts in sandbox reports
- Ability to continuously learn new technology and stay updated on cyber threats

**Certifications which may be valuable**:

- Cisco Certified Network Associate (CCNA)
- Certified Ethical Hacker (CEH)
- Certified Computer Examiner (CCE)
- GIAC Certified Forensic Examiner (GCFE)
- Certified Computer Forensics Examiner (CCFE)