Cyber Threat Intelligence & Threat Hunting Lead
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Cyber Threat Intelligence & Threat Hunting Lead (Cybersecurity): Oversee integrated cyber threat intelligence, detection engineering, and proactive threat hunting for enterprise cyber defense missions with an accent on intelligence-driven detections, SIEM content engineering, and hypothesis-based hunting. Focus on MITRE ATT&CK-aligned adversary tracking, detection tuning, and operational threat-informed defense capabilities.
Company
provides cybersecurity services supporting enterprise defense missions.
What you will do
- Lead CTI, detection engineering, and threat hunting operations to support enterprise cyber defense missions.
- Develop intelligence-driven detection and hunt strategies, including hunt methodologies and adversary tracking.
- Build and maintain SIEM detections, analytics, correlation rules, behavioral detections, and hunt playbooks.
- Conduct hypothesis-based threat hunting aligned to MITRE ATT&CK, adversary TTPs, malware campaigns, and emerging threats.
- Integrate CTI into SOC workflows, detection engineering, and incident response operations.
- Support automation and SOAR integration initiatives and brief executives and technical leadership on emerging threats and operational risk.
Requirements
- 10+ years of cybersecurity operations experience.
- 5+ years supporting CTI, threat hunting, or detection engineering programs.
- Experience with Splunk, Sentinel, CrowdStrike, EDR telemetry, detection content engineering, and intelligence platforms.
- Strong understanding of MITRE ATT&CK, adversary tradecraft, malware analysis, and intelligence analysis methodologies.
- Experience developing SIEM detections, hunt analytics, detection tuning, and operational reporting.
Nice to have
- Relevant certifications such as GCTI, GCFA, GCIH, GMON, GCDA, CISSP, or Splunk Security certifications.
Culture & Benefits
- Full-time role within the AOUSC SOC department.
- Focus on operational threat-informed defense with executive-level reporting responsibilities.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →