Cyber Threat Hunter [GSOC]
Allen, TX

Job Description

The Cyber Threat Hunter is part of the Experian Global Security Operations Center. The primary responsibility for the threat hunter is to proactively investigate security events to identify artifacts of a cyber-attack. They will also be expected to participate in several different areas within Security Operations and Incident Response process; these activities can include malware reversing, digital forensics, use case development, security control testing, and hunt plan development

4 years of experience in a technical security role in one of the following areas: intrusion detection, incident response, malware analysis, exploit development, and/or red team experience.

* Experience with the incident response process, specifically with detection and containment.
* Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITER ATT&CK Matrix.
* Experience detecting advanced attack methodologies via log analysis. Experience using event management tools (example: ArcSight, Splunk, or QRadar for analysis and use case development.)
* Experience with packet analysis and usage of deep packet inspection toolsets.
* Experience with a common scripting or programming languages, such as Python, JavaScript, and/or PowerShell.
* Strong understanding of the Windows file system and registry functions or *NIX operating systems and command line tools.
* Knowledge of common tactics used by attackers and methods for detection.
* Knowledge and experience developing detection signatures (YARA, SNORT).

Bonus Points:

* 2 years of experience with cyber threat intelligence collection and analysis.
* Security Certifications: Certified Ethical Hacker (CEH), Certified Incident Handler certification (GCIH), GIAC Cyber Threat Intelligence certification (GCTI), GIAC Penetration Tester (GPEN), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), CompTIA Net , CompTIA Sec , CISSP.