We are seeking a Threat Hunt Analyst to join Unit 42’s Managed Services group. Threat Hunters in Unit 42 play a critical role in safeguarding organizations against cyber threats by proactively searching for threats across multiple datasets. They are responsible for leading and conducting threat hunting activities related to malware, threat actor groups, and campaign activity. This position requires a cross-disciplinary approach that involves a deep understanding of cybersecurity, incident response, threat intelligence, and hands-on technical skills.
One primary responsibility of this role is to proactively search for signs of malicious activity within an organization’s network. Our Analysts use advanced tools and methodologies to identify anomalies and potential threats that may go undetected by traditional security solutions. Additionally, our Analysts should actively engage in research and experimentation to develop new hunting techniques and stay ahead of evolving threats.
Effective communication is crucial in this role. Analysts must work closely with other teams, such as Incident Response, Threat Intelligence, Customers, and cybersecurity leadership, to share findings and coordinate response efforts
Your Impact:
Monitor Customer Communications – Actively monitor channels like emails, ticket systems, and Zoom to quickly identify and prioritize cybersecurity inquiries, ensuring prompt and attentive customer service
Incident Investigation – Provide initial support in incident investigations, working with customers to understand incidents fully and gather necessary data, while escalating complex cases as needed
Threat Inquiry Response – Stay informed about the latest cybersecurity developments and use this knowledge to address customer questions about emerging threats, offering clear guidance and mitigation strategies
Technical Query Support – Utilize XQL expertise to assist customers with complex queries for data analysis and incident investigations using our XDR, helping them gain valuable insights
Educational Support – Clearly explain the technical aspects of threats and our XDR product to customers, advising on best practices for threat detection, analysis, and response
Collaborate Internally – Work closely with internal teams like MDR, threat intelligence, and research to provide holistic support to customers and improve our offerings based on customer feedback
Documentation and Reporting – Maintain detailed records of customer interactions and contribute to creating incident reports and knowledge base articles to support both customers and internal teams
Ongoing Learning – Engage in continuous learning and training to enhance your cybersecurity and threat hunting skills, keeping abreast of new threats, technologies, and best practices to better support customers.
One primary responsibility of this role is to proactively search for signs of malicious activity within an organization’s network. Our Analysts use advanced tools and methodologies to identify anomalies and potential threats that may go undetected by traditional security solutions. Additionally, our Analysts should actively engage in research and experimentation to develop new hunting techniques and stay ahead of evolving threats.
Effective communication is crucial in this role. Analysts must work closely with other teams, such as Incident Response, Threat Intelligence, Customers, and cybersecurity leadership, to share findings and coordinate response efforts
Your Impact:
Monitor Customer Communications – Actively monitor channels like emails, ticket systems, and Zoom to quickly identify and prioritize cybersecurity inquiries, ensuring prompt and attentive customer service
Incident Investigation – Provide initial support in incident investigations, working with customers to understand incidents fully and gather necessary data, while escalating complex cases as needed
Threat Inquiry Response – Stay informed about the latest cybersecurity developments and use this knowledge to address customer questions about emerging threats, offering clear guidance and mitigation strategies
Technical Query Support – Utilize XQL expertise to assist customers with complex queries for data analysis and incident investigations using our XDR, helping them gain valuable insights
Educational Support – Clearly explain the technical aspects of threats and our XDR product to customers, advising on best practices for threat detection, analysis, and response
Collaborate Internally – Work closely with internal teams like MDR, threat intelligence, and research to provide holistic support to customers and improve our offerings based on customer feedback
Documentation and Reporting – Maintain detailed records of customer interactions and contribute to creating incident reports and knowledge base articles to support both customers and internal teams
Ongoing Learning – Engage in continuous learning and training to enhance your cybersecurity and threat hunting skills, keeping abreast of new threats, technologies, and best practices to better support customers.
Requirements:
At least 4 years in SOC, IR, Hunting or MDR teams, skilled in EDR, SIEM, SOAR, and firewalls – Must understand attack trends and excel in threat detection
Technical Skills – Proficiency in EDR, SIEM, SOAR, and firewalls is essential – A strong background in SQL or similar is preferred
Work Ethic – Candidates should thrive in both independent and team environments, display strong organizational skills, focus, and leadership or significant contribution capabilities
Communication – Must have excellent communication skills, able to clarify technical concepts and collaborate effectively, with a strong customer-first orientation
Mindset – Looking for proactive individuals with a “Play-to-Win” attitude, dedicated to advancing in cybersecurity, solving problems creatively, and achieving exceptional outcomes.
At least 4 years in SOC, IR, Hunting or MDR teams, skilled in EDR, SIEM, SOAR, and firewalls – Must understand attack trends and excel in threat detection
Technical Skills – Proficiency in EDR, SIEM, SOAR, and firewalls is essential – A strong background in SQL or similar is preferred
Work Ethic – Candidates should thrive in both independent and team environments, display strong organizational skills, focus, and leadership or significant contribution capabilities
Communication – Must have excellent communication skills, able to clarify technical concepts and collaborate effectively, with a strong customer-first orientation
Mindset – Looking for proactive individuals with a “Play-to-Win” attitude, dedicated to advancing in cybersecurity, solving problems creatively, and achieving exceptional outcomes.
This position is open to all candidates.