Listing Description
At Regions, the Cyber Threat Hunter focuses on finding evidence of threats or suspicious behavior, and leveraging data to improve controls and processes. This position will be responsible for implementing technologies and processes to conduct information security investigations with the goal of predicting, detecting and responding to incidents. The role requires a blend of investigative, analytical, security, and technical skills to be successful.
Primary Responsibilities
- Leverages tools, intelligence, and data from multiple sources on "hunting exercises" to discover evidence of threats, insider misconduct, or anomalous behavior
- Collects and analyzes data from multiple sources to find anomalies
- Participates in the coordination of response, remediation, and recovery activities for potential security incidents
- Continuously evaluates new information for changes in actors, tactics, techniques, and targets in the cyber threat environment
- Updates and enhances defenses, detection capabilities, threat scenarios, and response playbooks
- Develops and maintains strong working relationships with key partners, stakeholders, and peers at other institutions
- Drafts communications and presentations for stakeholders and management regarding investigations, potential threats, suspicious activity or anomalies
- Assists management with analyzing potential gaps in skills across the team
This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
- High School Diploma or GED and ten (10) years of related post-secondary education and/or experience in Information Security or Information Technology
Preferences
- Demonstrated experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.)
- Working understanding of regular expressions and at least one common scripting language (Perl, Python, PowerShell)
- Knowledge of SIEM search language, search techniques, alerts, dashboards, and report building a plus
- Strong networking background is preferred: a firm understanding of the TCP/IP networking stack, network technologies, and network traffic analysis
- Demonstrated knowledge of Linux & Windows Server operating systems is preferred
- Familiarity with the tactics, technologies, and procedures related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT, or Insider Threat is ideal
- Familiarity with various Information Security concepts such as: cyber kill chain, attack/pentest methodology, pyramid of pain, threat intelligence diamond model, threat intelligence lifecycle
Skills and Competencies
- Advanced analytical and evaluative thinking capability
- Advanced problem solving skills to offer sound solutions to complex issues
- Strong organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations, and take effective action
- Strong written and verbal communication skills
Listing Details
- Salary: $100,000 - $140,000
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided