Previous Job
Previous
Cyber Threat Hunter
Ref No.: 18-16986
Location: Austin, TX, Texas
Summary of This Role
  • Hunt for and identify threat actor groups and their techniques, tools and processes
  • Participate in "hunt missions " using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect an eradicate threat actors on the TSYS network.
  • Provide expert analytic investigative support of large scale and complex security incidents.
  • Perform analysis of security incidents for further enhancement of alert catalog
  • Continuously improve processes for use across multiple detection sets for more efficient TMC operations
  • Document best practices with the TMC staff using available collaboration tools and workspaces.
  • Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed
  • Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
  • A passion for research, and uncovering the unknown about internet threats and threat actors
Experience:
  • 6+ years overall IT Infrastructure experience
  • 3+ years of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc)
  • Experience with several of the following topics:
  • Malware analysis
  • APT/crimeware ecosystems
  • Exploit kits
  • Cyber Threat intelligence
  • Software vulnerabilities & exploitation
  • Data analysis
  • Dark web intelligence
  • Skills:
  • Demonstrated knowledge of Linux/UNIX & Windows operating systems
  • Demonstrated knowledge of the Splunk search language, search techniques, alerts, dashboards and report building.
  • Experience with Snort, Bro or other network intrusion detection tools
  • Detailed understanding of the TCP/IP networking stack & network technologies
  • Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)
  • Nominal understanding of regular expression and at least one common scripting language (PERL, Python, Powershell).
  • Strong collaborative skills and proven ability to work in a diverse global team of security professionals
  • Strong organizational skills
  • Strong verbal and written skills
  • Excellent interpersonal skills
Education:
Bachelor's degree, or relevant work experience
Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, etc)
More Information About the Job
Is Relocation Available?
Yes, nationwide

Is there a bonus structure?
No

Are you open to sponsorship?
No

This position is:
New Position

Is there a possibility to work remote?
No

Is there equity?
No

Are there flexible work hours?
Yes

Does this position have direct reports?
No

Who does this position report to?
to hiring manager,

What are the 3-4 non-negotiable requirements on this position?
no sponsorship or remote work