CFC CTI Expert Cyber Threat Hunter
Heredia, Costa Rica
Applications have closed
Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.Company Description
Experian is the world’s leading global information services company. During life’s big moments – from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers – we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.
We have 20,000 people operating across 44 countries and every day we’re investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.
Job Description
Experian Cyber Fusion Center (CFC) is seeking a Expert Cyber Threat Hunter to be part of a global Cyber Threat Hunting (CTH) team that promotes timely and actionable threat intelligence information. This is an incredible opportunity to join a world-class organization and join a global team of highly skilled and innovative people to help us stay ahead of adversaries. The CTH team focuses on defending against emerging threats, supporting cyber investigations, and delivering situational awareness to the business.
The Expert Cyber Threat Hunter serves as a member of the CTH team. Perform all aspects of cyber threat hunting from preparation, hunting, and reporting to include:
- Manage cyber threat hunting activities which may include cyber threat hunters from other CFC teams; Serve as a senior subject matter expert for cyber threat hunting activities performed by the CTH team and other CFC teams
- Develop or contribute to developing core foundational components of the Cyber Threat Hunting program
- Dedicate primary daily focus to hunt the Experian environment for threats and anomalies with intelligence gathered from Cyber Threat Intelligence sources
- Brief findings to senior level management, technical and non-technical leaders, as well as cybersecurity, risk, human resources, legal, and information technology practitioners
- Conduct proactive and targeted hunting activities to identify and mitigate advanced threats that have bypassed traditional security controls with intelligence gathered from Cyber Threat Intelligence (CTI) sources, incident response, and forensic teams
- Develop content that will drive CFC monitoring and detection (use cases, priority, actionable and relevant intelligence) this includes the creation of CTH products to describe and detail analysis
- Develop processes and procedures for tactical information collection, analysis, processing, production, and dissemination
- Develop greater holistic insight and adversarial mapping to MITRE ATT&CK® tactics and techniques, Common Vulnerabilities and Exposures (CVEs), Indicators of Attacks (IOAs) / Indicators of Compromise (IOCs)
- Ensure assignments are completed in an efficient and effective fashion; follow all processes and procedures outlined in the Wiki, SharePoint, and MS Teams
- Closely monitor critical vulnerabilities, threat actors, threat actor campaigns, threat actor TTPs, and changes in the cyber threat landscape
- Save past "hunts" or queries for tracking and collaboration purposes (saved work can transform one-time hunts into persistent queries)
- Develop and maintain a repository of SOPs, playbooks, and checklists for hunting that aligns with MITRE ATT&CK® techniques and the availability of current data
- Assist with Incident Response analysis and forensic investigations when requested
Qualifications
The primary responsibility of the Expert Cyber Threat Hunter is to proactively investigate security events to identify artifacts of a cyber-attack. The Expert Cyber Threat Hunter will also be expected to participate in several different areas within Security Operations and Incident Response process; these activities can include malware reverse engineering, digital forensics activities, incident response activities, detection use case development, security control testing, and cyber threat hunting plan development. This position requires the candidate to function as a CTH team member, but also operate independently.
- 7+ years of experience or equivalent skill level in a technical security role with a focus on threat hunting, threat intelligence, incident response, digital forensics, or related areas
- In-depth knowledge of advanced threat actors, attack techniques, and malware analysis
- Strong understanding of incident response processes, specifically with detection, response, and containment
- Working knowledge of the Cyber Kill Chain Model, Diamond Model, Course of Action Matrix, and MITRE ATT&CK Matrix® and how each methodology can be applied to cyber threat hunting
- Extensive experience in detecting advanced attack methodologies via log analysis and/or endpoint tools, as well as event management tools, such as ArcSight, Splunk, or QRadar
- Deep understanding of and ability to conduct packet analysis with deep packet inspection toolsets to support threat identification
- Experience with at least one common scripting or programming language, such as Python, JavaScript, and/or PowerShell
- Strong understanding of the Windows, Linux / *NIX, and macOS operating systems, as well as command-line tools
- Strong knowledge of common tactics, techniques, and procedures used by threat actors and the tools and methods to detect and find them
- Capable of developing detection signatures (YARA, SNORT)
Additional Information
Our benefits include: Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
#LI-GJ1
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
Experian is proud to be an Equal Opportunity and Affirmative Action employer. We’re passionate about unlocking the power of data to transform lives and create opportunities for consumers, businesses, and society. For more than 125 years, we’ve helped people and economies flourish – and we’re not done.
We take our people’s agenda very seriously. We focus on what truly matters; diversity and inclusion, work/life balance, flexible working, development, collaboration, wellness, reward & recognition, volunteering, making an impact... the list goes on. See our DEI work in action!
The power of YOU. We are building a culture where everyone is comfortable bringing their whole self to work. A place where we not only respect our differences and values but celebrate them in a positive and supportive environment.
Find out what is like to work for Experian and discover the Unexpected!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ArcSight Cyber Kill Chain Forensics Incident response JavaScript Linux Log analysis MacOS Malware MITRE ATT&CK Monitoring PowerShell Python QRadar Reverse engineering Scripting SharePoint Snort Splunk Threat intelligence TTPs Vulnerabilities Windows
Perks/benefits: Flex hours Flex vacation Medical leave Salary bonus Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.