Cyber Threat Hunter
Ref No.: 18-16986
Location: Austin, TX
Summary of This Role
  • Hunt for and identify threat actor groups and their techniques, tools and processes
  • Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on the TSYS network.
  • Provide expert analytic investigative support of large scale and complex security incidents.
  • Perform analysis of security incidents for further enhancement of alert catalog
  • Continuously improve processes for use across multiple detection sets for more efficient TMC operations
  • Document best practices with the TMC staff using available collaboration tools and workspaces.
  • Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed
  • Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
  • A passion for research, and uncovering the unknown about internet threats and threat actors
  • 6+ years overall IT Infrastructure experience
  • 3+ years of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc.)
  • Experience with several of the following topics:
    • Malware analysis
    • APT/crimeware ecosystems
    • Exploit kits
    • Cyber Threat intelligence
    • Software vulnerabilities & exploitation
    • Data analysis
    • Dark web intelligence
Skills:
  • Demonstrated knowledge of Linux/UNIX & Windows operating systems
  • Demonstrated knowledge of the Splunk search language, search techniques, alerts, dashboards and report building.
  • Experience with Snort, Bro or other network intrusion detection tools
  • Detailed understanding of the TCP/IP networking stack & network technologies
  • Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)
  • Nominal understanding of regular expressions and at least one common scripting language (Perl, Python, PowerShell).
  • Strong collaborative skills and proven ability to work in a diverse global team of security professionals
  • Strong organizational skills
  • Strong verbal and written skills
  • Excellent interpersonal skills
Bachelor's degree, or relevant work experience
Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, etc.)
More Information About the Job
Is Relocation Available?
Yes, nationwide

Is there a bonus structure?

Are you open to sponsorship?

This position is:
New Position

Is there a possibility to work remote?

Is there equity?

Are there flexible work hours?

Does this position have direct reports?

Who does this position report to?
To the hiring manager

What are the 3-4 non-negotiable requirements on this position?
No sponsorship or remote work