At One eSecurity, we are a market-leading specialist in Threat Detection and Digital Forensics & Incident Response (DFIR). Our commitment to excellence, innovation, and passion drives everything we do.
We’re looking for a top-tier, fully remote cybersecurity professional with 5+ years of experience in Threat Hunting and Cyber Threat Intelligence (CTI). If you have a sharp eye for advanced threats and hands-on expertise in incident response, join us and make an impact!
Main responsibilities
* Use threat intelligence and behavioral analysis to find potential anomalies and suspicious activities that automated security systems might miss.
* Actively search for hidden threats and indicators of compromise (IOCs) across the network, endpoints, and systems, using both known and unknown attack techniques.
* Operate Threat Hunting tools such as EDRs, XDRs, SIEMs, etc., including creating and executing hunts and analyzing their results.
* Conduct in-depth analysis of unusual patterns, system behaviors, and network traffic to uncover advanced threats, including zero-day attacks, APTs, insider threats, and advanced malware.
* Develop and refine detection rules and use cases for security monitoring systems (e.g., SIEM, IDS / IPS, EDR solutions) based on evolving attack techniques.
* Generate reports for the Clients, detailing discovered threats, the severity of risks, and recommended actions for remediation.
* Identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries.
* Perform deep analysis of indicators of compromise (IOCs) and attack signatures.
* Gather and aggregate information from various sources, such as open-source intelligence (OSINT), dark web monitoring, threat feeds, and other threat-sharing platforms.
* Work closely with, and provide actionable threat intelligence to, the Incident Response team during active cyber incidents and the Threat Hunting team during active threat detection.
* Client management.
* Project management.
Requirements:
* University degree is desirable but not required.
* 8+ years professional experience in Threat Hunting, EDR technology, SOC, Blue team, incident response, etc.
* Have a solid understanding of the information security threat landscape.
* Knowledge of the threats most commonly used by attackers.
* Knowledge of analysis platforms and query languages.
* Knowledge of the most commonly used SIEM technologies on the market.
Knowledge / experience:
* Understanding of TCP / IP networks and base protocols, for developing and analyzing IDS rules and PCAPs, analyzing logs and DNS / HTTP packets, and reviewing browsing logs.
* Security frameworks such as MITRE, ENISA, CCN, etc.
* Forensic analysis tools such as Volatility or Regripper.
* Management of services and / or projects.
* Customer focus. Skills to lead meetings, project presentations, etc.
* A plus: experience in team management.
* Ability to work in a team.
* Demonstrate innovative and creative thinking as well as problem-solving skills.
* Languages: Fluent in English and Spanish.