Cyber Security Threat Hunter
Reference #: 18-01430
Title: Cyber Security Threat Hunter
Location: Charlotte, NC
Position Type: Direct Placement
Experience Level:
Start Date: 02/13/2018
Eclaro International is currently recruiting a Cyber Security Threat Hunter for one of our financial services clients.
In this highly visible role, you will perform research and analysis searching for indications of advanced threat actors present on the network. You will analyze available data sources, security tools, and threat trends, and lead security monitoring and analysis techniques to identify attacks against the enterprise. You will work with the Cyber Security Research and Development team to operationalize new and innovative techniques for discovering advanced threat actors, and with Global Information Security in the Cyber Security Defense organization to ensure there are good data sources to enrich hunting capabilities.
• 4-7 years of background in information security, cyber security or network engineering.
• Must understand typical threat actor profiles and the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.
• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors.
• Must be able to critically examine an organization and system from the perspective of a threat actor and articulate risk in clear, precise terms.
• Analyze available data sources, security tools, and threat trends, and lead security monitoring and analysis techniques to identify attacks against the enterprise.
• Ability to analyze logs, normalize them, and perform automated log correlation utilizing big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
• Strong experience with digital forensics on host or network from a malware perspective; ability to identify anomalous behavior on network or endpoint devices.
• Experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM, DLP, insider threat, etc.).
• Self-starting, organized, proactive, and requiring minimal management oversight.
• Ability to quickly learn new and complex concepts.
• Strong analytical skills, problem solving, conceptual thinking, and attention to detail.
• Ability to work effectively with peers and multiple levels of management.
• Well organized and thorough, with the ability to balance and prioritize competing priorities.
• Excellent verbal and written communication skills across multiple levels of the organization.
• A passion for cyber threat hunting, research, and uncovering the unknown about threats and threat actors.
• Bachelor's degree in Computer Science.
• Ability to code effectively in a scripting language (Python, Perl, etc.).
• Ability to understand big data and query languages (Splunk, SQL, etc.).
• Experience with either Red Team or Blue Team operations and the ability to think like both an attacker and a defender.
• Experience setting up infrastructure to support Hunt Team operations.
• Previous experience working in the financial industry.
Enterprise Role Overview:
Key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security and directory technology systems (software and hardware). Utilizes in-depth technical knowledge and business requirements to design and implement secure solutions that meet customer/client needs while protecting the Bank's assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. client/server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.
Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.