Expectations from this role:
Proactively drive hunting and analysis against the available dataset to look for indicators of security breaches in both endpoints and cloud (AWS, Azure, and GCP).
Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack techniques, to form hunting workflows and mitigation steps.
Design and implement data mining techniques to extract meaningful insights from large data sets.
Work with CyberProof Security teams to identify threats, develop or recommend countermeasures, and provide dedicated solutions to security risks.
Create internal threat hunting tools to automate and support the hunting process.
Utilize automation to improve processes, support incident handling with a proactive approach, and hunt for threats on our customers' networks.
Work with the team to improve and expand the toolset and develop new analysis techniques and processes.
Requirements:
At least 5 years of experience with Threat Hunting.
Proven experience with programming languages such as Python, PowerShell, etc.
Ability to work individually and as part of a team in day-to-day tasks.
Ability to manage time efficiently.
Must be action-oriented and have a proactive approach to solving issues.
Excellent written and verbal communication skills in English.
Excellent organization, time management, and attention to detail.
Ability to work with security tools such as SIEM (QRadar, Splunk, etc.) and EDR (Microsoft Defender, CrowdStrike, etc.).
Ability to use forensic tools and analysis methods to detail nearly every malicious action.
Ability to conduct endpoint security analysis (Windows artifact analysis: Registry hives, Event Log files, file system analysis, etc.).
Ability to conduct network security analysis (understand TCP/IP component layers and distinguish normal from abnormal network traffic).
Ability to perform malware analysis using a sandbox (identify and analyze suspicious artifacts in sandbox reports).
Ability to continuously learn new technology and stay updated on cyber threats.