Primary Responsibilities

• Plan, conduct, and document iterative, hypothesis-based threat hunts.
• Analyze and investigate anomalies for potential risk across the full spectrum of cyber threats.
• Review and analyze Security Information and Event Management (SIEM) alerts to develop hunt hypotheses.
• Propose, discuss, and document custom searches for automated detection of threat actor activity based on hunt findings.
• Utilize open-source intelligence to inform hunt hypothesis development.
• Track and document cybersecurity incidents from detection to resolution.
• Provide computer forensic support during investigations, including evidence seizure, computer forensic analysis, and data recovery.
• Conduct malware analysis including static and dynamic analysis of complex malware.
• Proactively assess the compute environment for patterns and anomalies, tagging events for Tier 1 & 2 monitoring.