Key skills
Cyber SecurityRisk ManagementCommunicationCollaboration
About this role
Role Overview
- Lead proactive threat hunts to identify patterns, anomalies, and behaviors associated with known and emerging adversary TTPs.
- Configure and optimize advanced security tools to enhance detection fidelity and coverage.
- Lead and execute complex threat investigations across customer environments.
- Provide analytical support throughout the full incident lifecycle, including identification, containment, eradication, and recovery.
- Research emerging threats and adversary techniques to develop actionable intelligence and effective detection strategies.
- Translate intelligence into practical hunting methodologies and detection improvements.
- Produce detailed technical incident reports and contribute to executive-level summaries.
- Clearly communicate findings, risk, and remediation guidance to both technical and executive stakeholders.
- Develop and maintain Armis platform policies, dashboards, and customer-specific monitoring use cases.
- Partner with internal teams to automate workflows, enhance tooling, and improve service delivery efficiency.
- Design and maintain standardized, reusable threat hunting playbooks to scale and operationalize MTS capabilities.
- Contribute feedback and prioritization input to product and feature development.
- Serve as a trusted advisor and thought leader for assigned customers on risk management, detection optimization, and response maturity.
- Act as a recognized subject matter expert internally and externally.
- Coach and mentor junior team members, fostering technical growth, collaboration, and continuous learning.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field (preferred).
- 8+ years of professional cybersecurity experience, ideally in threat hunting, threat intelligence, incident response, or SOC operations.
- Deep understanding of network infrastructure, operating systems, and common attack vectors.
- Strong experience mapping adversary behavior using MITRE ATT&CK and Cyber Kill Chain frameworks.
- Advanced expertise analyzing logs, endpoint telemetry, IDS/IPS data, and network traffic (NetFlow, PCAP).
- Experience with malware analysis (static and dynamic) and IOC development.
- Solid knowledge of security controls, detection engineering, and risk-based mitigation strategies.
- Excellent written and verbal communication skills, with the ability to translate complex findings into actionable guidance.
- Proven ability to operate independently and lead engagements in distributed, cross-functional environments.
- U.S. citizenship required.
Tech Stack
- Cyber Security
Benefits
- Comprehensive health benefits
- Discretionary time off
- Paid holidays including monthly me days
- Highly inclusive and diverse workplace