Cyber Threat Hunter
IBM MSS Security Operations Center (SOC) is seeking an experienced EDR/threat hunter. The selected candidate will spend time analyzing alerts, proactively hunting for malicious activity, and developing new detection methods. Additionally, the hunter will be focused on identifying potentially sophisticated APT and Insider Threat activities within client environments and developing advanced reporting on that activity to include remediation steps. The successful candidate will be able to work both independently and as part of a larger team, have a strong understanding of TTPs, have exceptional technical writing skills, and be able to work in stressful situations.
Required Technical and Professional Expertise
5 years in the cyber threat intelligence industry or equivalent knowledge and experience OR
3 years' experience in EDR (endpoint detection and response) OR
3 years' experience in host forensics or an equivalent field OR
3 years in incident response with extensive knowledge of the inner workings of the Windows/Linux/macOS operating systems
3 years in technical writing, developing technical documents, and incident response reporting.
Ability to quickly identify suspicious events through pattern and behavioral analysis, intelligence correlation, and anomaly detection
Extensive knowledge of current and past malware, attack methodologies, and adversaries.
Experience in malware reversing, both static and dynamic
Scripting experience in one or more languages
Exceptional communication skills
Preferred Technical and Professional Experience
Strong understanding of TTPs