Advanced Threat Hunter

Role Overview

• Provide 12x5 operational coverage and after-hours on-call support to detect, analyze, and mitigate advanced cyber threats
• Conduct advanced packet-level traffic analysis and reconstruct network activity to identify anomalies, trends, and threat patterns
• Perform in-depth web and application log analysis to identify suspicious or malicious behavior
• Search for indicators consistent with advanced persistent threats (APTs)
• Perform pattern, trend, and behavior analysis using multiple data sources
• Design, deploy, and manage deception technologies (e.g., honeypots, lures, traps)
• Conduct forensic analysis and documentation of malware incidents from initial compromise through remediation
• Collaborate with SOC teams to assess and monitor key risk areas, including public-facing systems and sensitive databases
• Develop and maintain SOPs, provide training, and support implementation of security solutions
• Produce clear, comprehensive reports and actionable recommendations based on findings
• Identify opportunities to enhance cyber detection capabilities and close security gaps
• Support cyber requirements analysis and tracking activities

Requirements

• Demonstrated experience with APT detection and prevention tools such as: FireEye HX, Cisco Advanced Malware Detection, ThreatGrid, Exabeam
• Strong experience with: Windows servers, domain controllers, databases, Group Policy, and firewall/network filtering
• Linux/Unix operating systems and file systems
• Experience performing: NETFLOW and PCAP analysis using tools such as Wireshark, Cisco Stealthwatch, or AWS VPC Flow Logs
• Real-time security event monitoring and anomaly detection using Splunk
• Proven experience conducting: Malware forensic analysis (live system, sandbox, static, and memory/RAM analysis)
• Full lifecycle malware investigation and documentation
• BA/BS or minimum of three (3) years of experience in forensics and incident response
• Minimum two (2) years of hands-on experience with Splunk and Wireshark
• At least two (2) active cybersecurity certifications, such as: Security+, CISSP, GCIH, GCIA, GREM, GSEC, GCED, GCFA, GSLC, GSNA, GAWN, GPPA, GSE
• Strong analytical, problem-solving, and investigative skills
• Ability to clearly document and communicate technical findings to diverse audiences
• Experience working in high-visibility, mission-focused environments
• Strong collaboration skills with SOC and engineering teams

Tech Stack

• AWS
• Cyber Security
• Linux
• Splunk
• Unix

Benefits

• Multiple medical plan options
• Dental and vision coverage
• Health savings and flexible spending accounts
• Employer-sponsored life and disability insurance
• Access to wellness and health advocacy resources
• 401(k) retirement savings plan with company match and immediate vesting
• Paid holidays
• Paid time off (PTO)
• Sick leave
• Paid volunteer time
• Parental leave
• Other leave programs
• Employee Assistance Program (EAP) offering confidential counseling and support services
• Professional development and training opportunities