Technology Cyber Threat Hunter

Reston, United States



Cooley is seeking a Technology Cyber Threat Hunter to join the Security team.

Position summary:  Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end, the Technology Cyber Threat Hunter is expected to recognize that the Cooley Technology department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.

The Technology Cyber Threat Hunter will work to proactively identify and investigate suspicious activity, analyze threat intelligence to stay ahead of emerging attacker tactics, and translate findings into actionable security improvements protecting our organization's assets. This role requires a deep understanding of advanced threat detection techniques, strong analytical skills, and the ability to work collaboratively with other security professionals. Specific duties include, but are not limited to, the following:

Position responsibilities:

  • Conduct proactive threat hunting activities to identify suspicious activity and potential cyber threats, preventing escalation
  • Apply independent critical thinking to analyze threat intelligence data, emerging attack techniques, tactics, and procedures (TTPs) to determine the best response and remediation actions
  • Conduct analysis of log data from various internal data sources (e.g., firewalls, hosts, EDR, IDS/IPS) to identify suspicious activity and assess potential threats impacting the organization
  • Develop and deploy security monitoring content, including dashboards and alerts within the organization's SIEM and other security tools, to detect threats and suspicious activities and aid incident investigation efforts
  • Regularly review, evaluate and optimize custom and default detection content to ensure it supports internal and SOC operations effectively
  • Create and maintain technical documents including, but not limited to content creation, content/rule review process, queries for disparate log sources, network/security visibility issues, detection gaps, and monitoring strategies
  • Identify areas for improvement in security monitoring and propose enhancements to strengthen the organization's detection and response capabilities
  • Mentor and guide fellow security team members, assisting with project execution and promoting skill development in tactical security practices
  • Directly interface, manage and mentor the SOC
  • Develop strategies to handle security incidents and coordinate responses to security breaches
  • Required to participate in a 7x24 on-call rotation
  • Perform duties as assigned

Skills and experience:

Required:

  • After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applications
  • Ability to work extended and/or weekend hours, as required
  • Ability to travel as required
  • 2+ years of directly applicable experience (e.g., information/technology security)
  • Eligible for consideration for Senior designation with 5+ years of directly applicable experience
  • Knowledge of content creation concepts, content development management, content testing, implementation, and threat analysis of complex events
  • Experience in monitoring and analyzing logs and alerts from a variety of different technologies and sources to include but not limited to Network/Host, EDR, Firewall, IDS/IPS, Cloud (IaaS, PaaS, SaaS)
  • Experience in leading incident response engagements
  • Experience in developing detection content using various data sources and query languages
  • Knowledge of security architectures, devices, firewalls, and system and application security threats and vulnerabilities
  • Experience with presenting findings, conclusions, alternatives, and information clearly and concisely to stakeholders and vendors
  • Proven practical experience in information security and well-rounded knowledge of technology

Preferred:

  • Bachelor’s Degree in Information Technology, Computer Information Systems or Cyber Security
  • CySA+, CASP+, CISSP or equivalent certifications and/or experience
  • Knowledge of security standards and frameworks (e.g., MITRE ATT&CK)
  • Experience with security tools related to EDR, Firewalls, IPS/IDS, DLP, Forensic/Malware Analysis, SIEM, Cloud

Competencies:

  • Exceptional customer service skills
  • Excellent analytical, problem-solving, customer service, project management and communication skills
  • Goal-oriented
  • Proven track record of excellent decision making, integrity and working with Technology management, business professionals u
  • Excellent oral and written communication skills, including technical and user documentation
  • Strong organizational skills
  • Ability to work independently and under high pressure with tight schedules and deadlines
  • Ability to interact well with all levels of business professionals
  • Excellent active listening skills
  • Flexible and patient with process development/execution and adherence to instruct project management practices
  • Capable of grasping new concepts quickly and without prior experience
  • Detail-oriented
  • Ability to multi-task and work in a fast-paced environment
  • Ability to interact and coordinate with several teams to achieve objectives
  • Ability to solve problems independently and simultaneously, effectively managing multiple tasks
  • Professional demeanor at all times

Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices.

EOE.

The expected annual pay range for this position with a full-time schedule is $110,000 - $155,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.

We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off (“PTO”) and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.
