Threat Intelligence & Threat Hunting Specialist

Threat Intelligence & Threat Hunting Specialist

Position Overview

We are seeking a Threat Intelligence & Threat Hunting Specialist to proactively identify, analyze, and mitigate advanced threats through comprehensive threat intelligence analysis, threat hunting operations, and deep understanding of attacker tactics, techniques, and procedures (TTPs) to enhance organizational security posture.

Key Responsibilities

Threat Intelligence Analysis

• Collect, analyze, and disseminate tactical, operational, and strategic threat intelligence from multiple sources

• Monitor dark web, underground forums, and threat actor communications for emerging threats

• Analyze threat campaigns, malware families, and attack infrastructures to identify organizational risks

• Develop threat intelligence reports and briefings for technical teams and executive leadership

• Maintain threat actor profiles and track adversary evolution and campaign attribution

Proactive Threat Hunting

• Conduct hypothesis-driven threat hunting operations using behavioral analytics and anomaly detection

• Develop hunting queries and detection rules using SIEM platforms and security tools

• Analyze network traffic, endpoint telemetry, and log data to identify indicators of compromise

• Investigate suspicious activities and potential advanced persistent threats (APTs)

• Document hunting methodologies and create repeatable hunting procedures

TTP Analysis & Detection Engineering

• Map adversary behaviors to MITRE ATT&CK framework and develop corresponding detection strategies

• Analyze attack techniques including lateral movement, persistence mechanisms, and exfiltration methods

• Create behavioral signatures and hunting rules based on TTP analysis

• Develop threat models and attack scenario simulations for security testing

• Collaborate with incident response teams to enhance detection and response capabilities

Intelligence-Driven Defense

• Integrate threat intelligence into security tools including SIEM, EDR, and network security platforms

• Develop automated threat feeds and indicator enrichment processes

• Create custom detection rules and hunting playbooks based on current threat landscape

• Support red team exercises and purple team operations for detection validation

• Establish threat intelligence sharing relationships with industry partners and government agencies

Required Qualifications

Technical Skills

• 6+ years experience in threat intelligence analysis and proactive threat hunting

• Expert knowledge of MITRE ATT&CK framework and adversary TTP analysis

• Proficiency with threat hunting platforms (Elastic, Splunk, Microsoft Sentinel, CrowdStrike)

• Strong experience with malware analysis, reverse engineering, and forensic investigation techniques

• Understanding of network protocols, log analysis, and security event correlation

• Knowledge of threat intelligence platforms (MISP, ThreatConnect, Anomali) and intelligence feeds

Analytical Skills

• Proven ability to analyze complex attack campaigns and attribute activities to threat actors

• Experience with threat modeling, risk assessment, and intelligence report writing

• Strong understanding of cyber kill chain methodologies and attack lifecycle analysis

• Knowledge of geopolitical factors influencing threat actor motivations and targeting

Preferred Qualifications

• Bachelor's degree in Cybersecurity, Intelligence Studies, or related field

• Security certifications (GCTI, GCFA, GNFA, CISSP, CISM)

• Experience with intelligence analysis methodologies and structured analytic techniques

• Background in military intelligence, law enforcement, or government cybersecurity roles

• Knowledge of programming languages (Python, PowerShell) for automation and data analysis