Cyber Threat Investigator
Indexed description
We are Hiring: Cyber Threat Hunter (Tier-3 Specialist)
Do you assume a network is already compromised? Do you prefer hunting stealthy adversaries over waiting for automated alerts to fire? We are looking for an elite, proactive Cyber Threat Hunter (Tier-3 Specialist) to join our advanced defense team!
In this role, you won't just react to dashboards. You will use advanced threat intelligence, statistical data analysis, and behavioral engineering logic to hunt down stealthy adversaries lurking within enterprise systems. Positioned at the highest tier of our SOC operations, you will design sophisticated detection models and transform your hunting hypotheses into automated, production-grade security alerts.
Key Responsibilities :
Proactive Threat Hunting & Hypotheses
- Develop and execute data-driven threat hunting hypotheses based on real-world attacker behaviors, emerging zero-days, and structural risks.
- Scrutinize telemetry data across endpoints, cloud microservices, and network traffic to isolate Advanced Persistent Threats (APTs) and insider threats.
- Build and refine large-scale data analytics pipelines, profiling normal environmental baselines to catch subtle behavioral anomalies.
Advanced Detection Engineering & Intelligence
- Analyze tactical threat intelligence, ingest Indicators of Behavior (IoBs), and map threat actor tactics directly to the MITRE ATT&CK framework.
- Translate successful hunting discoveries into long-term automated detection logic (SIEM rules, EDR watchlists, YARA/Sigma rules).
- Conduct deep post-incident forensics on critical network events to uncover structural flaws and recommend permanent hardening mitigations.
Strategic Leadership & Knowledge Share
- Partner directly with security architecture, engineering, and infrastructure teams to design comprehensive log-ingestion policies and visibility maps.
- Upskill Tier-1 and Tier-2 analysts by conducting technical knowledge-sharing workshops, table-top exercises, and writing analytical documentation.
Job Requirements & Qualifications
Experience & Track Record:
- Total Experience: Minimum of 5–7+ years of dedicated technical experience in specialized domains such as DFIR (Digital Forensics and Incident Response), Penetration Testing, or Advanced SOC operations.
- Hunting Expertise: At least 2–3 years of proven, documented experience specifically conceptualizing and executing structured threat hunts in enterprise environments.
- Mindset: An innate skepticism of network health and a deep understanding of the attacker lifecycle (living-off-the-land techniques, credential dumping, etc.).
Technical Skills & Tools:
- Advanced SIEM & Data Lakes: Mastery of log manipulation, correlation, and statistical behavioral mapping using Splunk (SPL), Microsoft Sentinel (KQL), or custom Jupyter Notebook integrations.
- Telemetry Extraction: Expert knowledge pulling artifact footprints from memory spaces, master file tables (MFT), and kernel structures via tools like Velociraptor or KAPE.
- Scripting & Automation: High proficiency in Python, PowerShell, Go, or SQL to query telemetry data and automate hunting routines via APIs.
- Cloud & Behavioral Profiling: Expert knowledge tracking identity perimeters across distributed AWS, Azure, or GCP environments, with mastery using Sigma and YARA rules.
Preferred Advanced Certifications (Highly Prioritized):
- Advanced Cyber Defense: GCFA, GNFA, or GCTI.
- Offensive/Defensive Mastery: OSCP or ECTHP.
Think you have the instincts to hunt down the unseen? Apply directly via the link below or connect with our Talent Acquisition team.
#Hiring #CyberSecurityJobs #ThreatHunting #SOC #DFIR #DetectionEngineering #InfoSec #TechCareers
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search