Senior Threat Intelligence and Threat Hunting Analyst

Overview

Responsibilities

• Gather, process, and analyze threat data from different sources to create actionable threat intelligence.
• Create and deliver in-depth threat intelligence and threat landscape reports, briefings, and presentations tailored for both technical and non-technical stakeholders.
• Provide situational awareness updates to senior leadership on high-priority threats and geopolitical developments impacting cybersecurity.
• Create and maintain threat profiles for key adversaries targeting the organization or sector.
• Manage a threat intelligence platform (TIP) and ensure proper integration with SIEM, SOAR, and other security tools.
• Manage the assessment and follow-up of third-party security incidents or compromises.
• Design and perform threat hunts and purple team exercises to identify malicious activity, misconfigurations, and visibility gap.
• Help create and maintain detection content, new alerts, dashboards, documentation, playbooks, guidelines, and metric.
• Design, implement, and maintain automated workflows for threat intelligence and threat hunting workflows.
• Serve as a Tier 3 escalation point for the Cybersecurity Operations Center (CSOC) and major Incident Response.
• Evaluate and recommend new tools and technologies to enhance capabilities.

Qualifications

• Master's Degree in Computer Science, Cybersecurity, or other related area and 2 years of relevant work experience.
• Bachelor's Degree in Computer Science, Cybersecurity, or other related area and 3 years of relevant work experience.
• Associate's Degree in Computer Science, Cybersecurity, or other related area and 4 years of relevant work experience.
• High School Diploma/GED and 5 years of relevant work experience.

• Experience in threat intelligence, threat hunting, detection engineering, or a related cybersecurity role, required.
• Possess a deep understanding of cyber threat intelligence and threat hunting frameworks, methodologies, and approaches, required.
• Familiarity with threat intelligence tools and platforms (e.g., TIP, Shodan, VirusTotal) required.
• Strong experience in analyzing IOCs, TTPs, user logs, host logs, network logs, and/or PCAPs to detect malicious activity, required.
• Strong understanding of the MITRE ATT&CK Framework, preferred.
• Strong understanding of Incident Management and Incident Response frameworks, preferred.
• Strong knowledge in Splunk Enterprise Security and Splunk SOAR, preferred.
• Experience using Microsoft Sentinel and KQL, preferred.
• Strong programming experience with Python or a similar language, preferred.
• Knowledge of digital forensics and investigation techniques, particularly on Windows and Linux, preferred.
• Knowledge on cloud security and cloud architecture best practices, preferred.
• OT/ICS Security knowledge, preferred.

• Possesses strong technical aptitude
• Excellent collaboration and team building skills
• Strong verbal communication and listening skills
• Demonstrated written communication skills
• Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.

• Driver's License Required
• Other: Technical certifications (e.g. CISSP, CISM, CIPP, etc.) Preferred

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• Must be able and willing to travel within Company service territory, as needed.
• Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required.