Responsibilities

• Perform threat hunting on endpoints by exploring and correlating large data sets resulting in timely alerts for customers
• Uncover novel attack techniques, monitor and catalog changes in activity group tradecraft
• Acquire new and leverage existing knowledge of attacker tools, tactics and procedures to improve security posture of customers
• Effectively engage and collaborate with partners in data science, threat research to develop and maintain high-fidelity detection rules
• Build or identify hunting tools and automations for use in the discovery of human adversaries

Qualifications

• Degree in Computer Science or a related technical discipline
• 5+ years of computer security industry experience in a technical role such as Security Operations, Malware analysis, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team
• 1+ years of coding and scripting experience (Regex, Python, SQL, KQL) 
• Comfortable working with large data sets for analysis and visualization, using tools and scripting languages such as: Excel, SQL, Python, Splunk Query Language, Kusto query language, Jupyter Notebooks and PowerBI
• Functional understanding of common threat analysis models such as Cyber Kill Chain, MITRE ATT&CK
• Ability to track, analyze, and brief on new and ongoing cyber-attacks with understanding of identity and popular authentication/authorization protocols
• Experience using analysis tools (e.g. file/network/OS monitoring tools and/or debuggers) and knowledge of operating system internals and security mechanisms 
• Experience in endpoint protection technologies such as EPP/EDR (e.g. Microsoft Defender for Endpoint)
• Experience with reverse engineering, digital forensics (DFIR) or incident response, or machine learning models
• Experience with offensive security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks
• Experience with advanced persistent threats and human adversary compromises
• Strong understanding of attacker mindset and ability to apply defensive tactics to protect against it
• Broad, general familiarity with the threat landscape affecting enterprise customers
• Good verbal and written communication skills in English