SOC Threat Hunter
Company: Tavros
Posted: 18 days ago
Minimum level: Mid-level
Job category: IT

The Threat Hunting team is expected to deliver knowledge of attack techniques and tactics for new or evolving threats to the rest of the SOC organization, identify early-warning alerts, and integrate that intelligence into the existing cybersecurity tooling stack.

They will also be expected to participate in different areas of the Security Operations and Incident Response process; these activities can include digital forensics, use case development, security control testing, and hunt plan development.

Working within the Security Operations Center team, the Threat Hunter is responsible for reviewing system log events and data packets to proactively detect advanced threats that evade traditional security solutions. They will ensure that new environments are identified and understood to enable accurate and actionable reporting for other tiers of the Security organization, and they are additionally expected to actively participate in developing processes, procedures, training, etc. for new technologies.


The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.

Key Responsibilities and Accountabilities:

  • Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)
  • Capture intelligence on threat actor TTPs/IOCs and coordinate with SecOps pods to develop countermeasures
  • Provide forensic analysis of network packet captures, DNS, proxy, netflow, malware, host-based security and application logs, as well as logs from a variety of security sensors
  • Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools
  • Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to management
  • Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Develop advanced queries and alerts to detect adversary actions
  • May perform other relevant duties as requested.
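The two responsibilities that translate most directly into code are forensic analysis of proxy and DNS logs and the development of queries that detect adversary actions. The following is an added example, not code from the posting or from Tavros, of the kind of hunt query a Threat Hunter writes: it flags beaconing (a host contacting the same destination at near-constant intervals) in proxy logs and flags DNS queries whose leftmost label is long and high-entropy, a common tunnelling or exfiltration signature. The log formats, hosts (RFC 5737 test addresses) and thresholds are all constructed assumptions; real environments would need the parser adapted to the SIEM's field names and the thresholds tuned against a baseline.

```python
"""Hunt query over constructed proxy and DNS log lines (added example, not Tavros code).

Detects (1) beaconing from near-constant inter-request intervals and
(2) DNS tunnelling candidates from long, high-entropy first labels.
"""
import math
import statistics
from collections import defaultdict
from datetime import datetime, timedelta


def _build_proxy_sample():
    """Constructed proxy lines in an assumed format: '<ISO timestamp> <src> <dst> <uri>'."""
    base = datetime(2024, 3, 1, 10, 0, 0)
    lines = []
    # 10.0.0.5 contacts 198.51.100.10 every 60 s with +/-1 s jitter: beacon-like.
    for i, jitter in enumerate([0, 1, -1, 0, 1, 0, -1, 1]):
        ts = base + timedelta(seconds=60 * i + jitter)
        lines.append(f"{ts.isoformat()} 10.0.0.5 198.51.100.10 /api/v1/check")
    # 10.0.0.7 browses 203.0.113.20 at irregular, human-looking intervals.
    for offset in [0, 7, 95, 101, 400, 403, 900, 2200]:
        ts = base + timedelta(seconds=offset)
        lines.append(f"{ts.isoformat()} 10.0.0.7 203.0.113.20 /index.html")
    return lines


PROXY_SAMPLE = _build_proxy_sample()

# Constructed DNS lines in an assumed format: '<src> <qname>'. The 10.0.0.9 queries
# carry an encoded payload in the first label, as a tunnelling client would.
DNS_SAMPLE = [
    "10.0.0.5 www.example.com",
    "10.0.0.5 mail.example.com",
    "10.0.0.9 a9f3k2q8z1m4x7c6v0b5n3h8j2l1p0o9i8u7y6t5.exfil.example",
    "10.0.0.9 zq81mn3kd0xy7pl2vb9rt4cw6sf5gh1j.exfil.example",
]


def parse_proxy(lines):
    """Parse proxy lines into (timestamp, src, dst) tuples; the URI is not needed here."""
    events = []
    for line in lines:
        ts, src, dst, _uri = line.split(maxsplit=3)
        events.append((datetime.fromisoformat(ts), src, dst))
    return events


def find_beacons(events, min_hits=6, max_cv=0.1):
    """Return {(src, dst): (count, mean_gap_s, cv)} for pairs whose inter-request
    gaps are nearly constant: coefficient of variation (stdev/mean) below max_cv.
    min_hits avoids flagging pairs with too few requests to judge periodicity."""
    by_pair = defaultdict(list)
    for ts, src, dst in events:
        by_pair[(src, dst)].append(ts)
    hits = {}
    for pair, stamps in by_pair.items():
        if len(stamps) < min_hits:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue  # duplicate timestamps only; nothing periodic to measure
        cv = statistics.pstdev(gaps) / mean
        if cv < max_cv:
            hits[pair] = (len(stamps), round(mean, 1), round(cv, 3))
    return hits


def shannon_entropy(s):
    """Bits of entropy per character of s; encoded/encrypted data scores high."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def find_dns_tunnel_candidates(lines, min_label_len=25, min_entropy=3.5):
    """Flag (src, qname, entropy) where the leftmost label is both long and
    high-entropy. Either test alone is noisy (CDN hostnames are long; short
    labels can be random); requiring both cuts false positives."""
    flagged = []
    for line in lines:
        src, qname = line.split()
        first_label = qname.split(".")[0]
        ent = shannon_entropy(first_label)
        if len(first_label) >= min_label_len and ent >= min_entropy:
            flagged.append((src, qname, round(ent, 2)))
    return flagged


if __name__ == "__main__":
    for pair, stats in find_beacons(parse_proxy(PROXY_SAMPLE)).items():
        print("beacon candidate", pair, stats)
    for hit in find_dns_tunnel_candidates(DNS_SAMPLE):
        print("dns tunnel candidate", hit)
```

On the constructed data only the 10.0.0.5 to 198.51.100.10 pair is reported as a beacon (eight hits, roughly 60 s apart, CV about 0.02), and only the two 10.0.0.9 queries are reported as tunnelling candidates. In production the same logic is usually expressed as a scheduled SIEM search, and the output feeds a ticket or a SOAR playbook rather than stdout.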

Educational Background:

  • Bachelor's degree in Computer Science, Information Security, or a related field.

Technical Skills:

  • 3+ years of experience in Information Security (Required)
  • 1+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Required)
  • Experience with packet analysis and usage of deep packet inspection toolsets.
  • Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix.
  • Familiarity with EDR/SOAR/Anomaly detection solutions
  • Prior experience working in one or more of the following (Desired):
      • Computer Incident Response Team (CIRT)
      • Computer Security Incident Response Center (CSIRC)
      • Security Operations Center (SOC)
  • Experience with APT/crimeware ecosystems (Desired)
  • Industry certification such as the following (Desired):
      • SANS/GIAC (GCIH, GPEN, GWAPT, GXPN, GCFA, GCFE, GREM)
      • Offensive Security (OSCP, OSWE, OSCE, OSEE)

Soft Skills:

  • Excellent communication skills (both written and verbal)
  • Detail-oriented
  • Critical thinking
Job summary: SOC Threat Hunter at Tavros, Mid-level, Full-time, posted 18 days ago.