Threat Hunter

Ensign is hiring

**Responsibilities**:

- Baseline for normal operations and detect abnormalities
- Perform hunt for anomalous events and investigate compromised systems.
- Manage research related to threat hunting adversaries in our environments.
- Participate effectively in investigations related to threat hunting adversaries in our environments
- Perform Real-Time monitoring and triaging of security alerts as L3 SOC analyst
- Act as the first point of contact (POC) for security incidents and anomalies
- Contribute in working closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization
- Provide ideas and feedback to improve the overall L3 SOC capabilities and threat hunting
- Perform basic research on threats, vulnerabilities and potential threat vectors and work with multi-disciplines to improve prevention and detection methods
- Assist in developing playbooks for triaging new threats
- Available to be on-call, weekend and/or night-shift duties upon schedule and as required

Technical Pre-Requisites:

- 2 years and above experience in cyber operations, preferably as a L3 SOC anayst or Threat Hunter
- Operational experience with enterprise security tools (e.g. Splunk, CrowdStrike, QRadar)
- At least one Information Security Professional Certification (e.g. CISSP, GMON, GCIH, GCIA, GDSA, GPEN)
- Detailed understanding of the MITRE ATT&CK framework and Cyber Kill Chain
- Demonstrates strong written and oral communication skills, with the ability to present to a technical or non-technical audience