The Threat Hunter is responsible for participating in threat-intelligence-driven investigations, developing new detection logic, and providing support to the Incident Response Team. The focus of the Threat Hunter is to detect, disrupt and eradicate threat actors from enterprise networks. To execute this mission, the Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies while working closely with the global SOC.
Provide analytic and investigative support for large-scale and complex security incidents. Provide forensic analysis of network packet captures, DNS, proxy and EDR logs, as well as logs from various types of security sensors, applications and operating systems.
Perform analysis of security incidents and threat actors to further enhance the Detection Catalog and Hunt missions, leveraging the MITRE ATT&CK framework.
Provide input on best practices to the security staff using the available collaboration tools and workspaces.
Review alerts generated by the detection infrastructure for false positives and modify the alerts as needed.