Associate Principal Adversary Hunter (Cybersecurity)
Job description
TL;DR
Associate Principal Adversary Hunter (Cybersecurity): Tracking and disrupting threats targeting ICS/OT environments, with an emphasis on adversary infrastructure analysis and intelligence product development. Focus on leading proactive threat hunting engagements, advancing analytical tradecraft, and mentoring the team as a subject matter expert.
Location: Must be based in the United States
Salary: $175,000
Company
is a market leader in ICS/OT cybersecurity, dedicated to protecting industrial organizations that provide essential services like water and electricity.
What you will do
- Own and track one or more Threat Groups and Temporary Activity Threads (TATs) independently.
- Author authoritative intelligence products and represent the team in customer briefings and industry events.
- Lead proactive and reactive threat hunting efforts, including during high-priority incident response surge events.
- Enhance analysis methodologies and develop automation tools to scale team output.
- Collaborate across functions to ensure intelligence flows efficiently through triage and reporting pipelines.
- Mentor peers and junior analysts to elevate the team's overall analytical capabilities.
Requirements
- 5+ years of experience in threat intelligence, adversary tracking, or threat hunting.
- Demonstrated depth in ICS/OT-focused threat activity.
- Expert-level application of the Diamond Model, Kill Chain, and MITRE ATT&CK for ICS.
- Hands-on proficiency with network telemetry tools (NetFlow, Censys, Shodan) and file analysis platforms.
- Advanced working knowledge of Synapse and Storm Query Language.
- Ability to develop analytical automation using Python or C#.
- Must be authorized to work in the United States.
Culture & Benefits
- Remote-first culture with a mission-oriented team.
- Competitive equity package.
- Comprehensive benefits plan.
- Opportunities for external industry engagement and thought leadership.