Cyber Threat Hunting Analyst

MPA Recruitment has been appointed by a leading technology company in the North West to source a Cyber Threat Hunting Analyst, HTIU Investigator to join their team.  Our clients High-Tech Investigations Unit (HTIU) is a global unit responsible for cyber investigations in the U.S., Asia, Europe and South America.  This is an exciting time to join a growing team.  The High-Tech Investigations Unit is seeking an experienced individual for a position within the High Technology Investigations team in our client’s office in Letterkenny, Ireland.   

Our High-Tech Investigations Unit, part of the larger Cybersecurity and Privacy Law Team, is seeking a Cyber Threat Hunting Analyst to assist in the development and expansion of the Cyber Threat Hunting Operations program. The mission of the program is to proactively examine our global network infrastructure and systems, to detect and isolate advanced adversarial threats that have evaded enterprise security mechanisms.

Hours of operation will be 9am to 5pm GMT.  However, flexibility in hours of operation is a must in this position & will involve providing On-Call support based on Business needs. 

This role may involve as much as 15% travel in support of response and training. 

Roles and Responsibilities:

• The Cyber Threat Hunting Analyst will be responsible for the design, documentation, and execution of threat hunting operations to detect known adversary tactics, techniques, and procedures (TTPs).
• The analyst will assist in the development of processes and procedures, systems, and data analytic routines necessary to execute cyber threat hunting operations.
• Additionally, the analyst will also be responsible for performing threat research to identify emerging TTPs in support of hunt operation development.
• Under certain circumstances, the analyst maybe required to assist with cyber incident response or other corporate investigations

Required Qualifications:

• 4 plus years of experience responding to cyber incidents in a large corporate/government environment or 4 plus years of experience conducting penetration testing engagements.
• A thorough understanding of the adversarial tactics, techniques, and procedures leveraged by advanced threat actors to compromise, achieve persistence, and exfiltrate data from targeted networks.
• Familiarity with cyber security frameworks (ATT&CK, Cyber Kill Chain, etc.)
• Knowledge of common attack vectors, network exploitation techniques, and exfiltration channels.
• Knowledge and understanding of network protocols, endpoint/server operating systems, and secure architectures.
• Experience performing host, log, memory, and network forensics.
• Proficient in Python (preferred) or another programming language.
• Advanced experience in the use of Splunk and the Search Processing Language (SPL).
• Experience using forensic software suites (X-ways, EnCase, FTK).
• Ability to define and continuously improve processes to enhance efficient threat hunting operations.
• Strong analytical and problem-solving skills.
• Strong verbal and written communication skills.
• Ability to work independently or on a team.
• Bachelor’s Degree in Digital Forensics, Information Security, Computer Science, Information Technology, or a related discipline.

Preferred Qualifications:

• Experience conducting cyber threat hunting operations.
• Experience with the Elasticsearch, Kibana, and Logstash (ELK) stack.
• Experience with Jupyter Python, Apache Spark and performing big data analytics.
• GCFE, GCFA, GCIH, GREM, GNFA, GPEN, CISSP or similar industry-accepted certifications
• Knowledge of Cloud computing platforms, primarily AWS and Microsoft.
• Experience reversing and analysing malicious software

Note: Rotation of shift may also be required to cover US hours in order to support other team members – advance notice will be provided when possible.

This role boasts a competitive salary, alongside a very attractive benefits package. I am keen to have an initial discussion with anyone who feels this could potentially be of interest. Please contact Andrew McSparran, Executive Search Consultant at MPA Recruitment on +44 (0)28 7136 0070 or send an up to date CV via the link provided to speak further about this opportunity.

To help MPA Recruitment find you the perfect job, we need to store and process your personal information. This means your details will be entered into MPA Recruitment’s database and our consultants may contact you from time to time with relevant job opportunities. By applying, you're confirming you're happy for us to do that.

All conversations will be treated in the strictest of confidence.