Listing Description
Overview

Dragos Threat Intelligence works to discover threats to critical infrastructure, to develop innovative analytics for detection, to support investigations and incident response, and to provide customers with industry-leading situational awareness. Unlike many other teams with a broader mission, we focus intensely on operational threats to industrial control networks; this gives our analysts the time and space necessary to do world-class research and intelligence on the most advanced and significant threats in the world.

Dragos is comprised of the industry’s most experienced team of ICS security practitioners, who have been on the front lines of significant global industrial cybersecurity incidents, including the Ukrainian power grid attacks. Our team has proven experience responding to industrial cyber threats, such as PIPEDREAM malware, and threat groups targeting critical infrastructure like ELECTRUM, XENOTIME, and VOLTZITE.

Our team is seeking a UK-based Senior Threat Hunter to support Threat Intelligence customers throughout Europe. In this role you will execute threat hunts tailored to specific industries and assigned threat groups while delivering content for our WorldView platform.

Responsibilities

- Leverage Expertise of Threat Groups: Use existing expertise to uncover and track OT-focused Threat Groups (TGs). Cultivate further expertise to enhance Dragos insights into the OT threat landscape.
- Execute Industry-Specific Threat Hunts: Conduct comprehensive threat hunts tailored to specific industries.
- Create Analytical and Technical Reports: Draft detailed reports on regional and industry-specific threats to Operational Technology. These reports are designed for consumption by both operational teams (SOC, IR, etc.) and strategic-level stakeholders (CISO, Management).
- Participate in Relevant Working Groups: Engage in working groups that are pertinent to your assigned industry. This participation aids in sharing insights and gaining a deeper understanding of industry-specific threats.
- Identify Detection Opportunities: Discover opportunities for detection (YARA rules, IOCs, etc.) that can be implemented in the Dragos platform for the benefit of customers.
- Formulate Intelligence Requirements: Develop Intelligence Requirements that are based on customer needs and your understanding of your assigned region or industry.
- Establish New Relationships and Data Sources: Identify or create new relationships and data sources that can be utilized in hypothesis-led hunting.

Qualifications

- Residency and Work Authorization: Candidates must reside in the UK and possess legal authorization to work within the country.
- Experience in Threat Hunting, Network-Based Intrusion Analysis, and Detections Development: A minimum of 4 years of experience in hunting adversaries, analyzing intrusions, and developing detection analytics.
- Pivoting Experience: Candidates should have experience in pivoting across the Diamond Model, all stages of the Kill Chain, and MITRE ATT&CK.
- Report Writing Skills: Experience producing customer-facing intelligence reports.
- Development of IOCs: Experience in developing indicators of compromise (IOCs) for customer-facing applications.
- Knowledge of Adversarial Threat Groups: Candidates should have demonstrated knowledge of adversaries/Threat Groups, including their tactics, techniques, procedures, and the adversary lifecycle.

Compensation

- Salary: GBP 108,500
- Competitive equity package
- Comprehensive benefits plan

About Dragos

Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization. In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure – those that provide us with the tenets of modern civilization – from increasingly capable adversaries who wish to do it harm. Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible. Founded by world-class industrial intelligence experts, Dragos has the industry’s largest team of ICS/OT practitioners who have been on the front lines of the world’s most significant industrial cyber-attacks.

Diversity, Equity, and Inclusion are core values at Dragos, and we are passionate about building and sustaining an inclusive and equitable working environment for all. We know that every member of our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions. Not only does a Diversity, Equity, and Inclusion focus enrich our environment and teams, but it is also critical to our success as we defend against adversaries all over the world. The broad range of ideas, experiences, and perspectives is critical to our success.

Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws.

All new hires must pass a background check as a condition of employment.

Listing Details
- Citizenship: Not Provided
- Incentives: Bonus
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute