Tier 3 SOC Analyst

UnderDefense is looking for a passionate Threat Hunter to join our rapidly growing team of Intrusion Analysts tasked with defending UnderDefense customers and understanding their adversaries. As part of our remote close-knit team, you will bring with you your experience in cybersecurity or threat intelligence to help evolve how we do threat hunting at UnderDefense.

The UnderDefense SOC/MDR team prevents cyber threats using our proprietary solution and applies lessons learned to improve alert quality and automate responses. Active threat hunting, incident response, BEC, threat intelligence/analytics and ransomware case resolution are what you would face with us. Upon joining our team, you will get a chance to solve some of today’s toughest cybersecurity challenges.

After a period of learning our custom-built tool suite, workflows, and methodologies, you will join other MDR analysts protecting our customers’ networks by identifying and understanding intrusions using endpoint, network and cloud data and the broader UnderDefense product suite. When the pressure is off, you will be involved in building tools and working with other UnderDefense teams across a broad range of topics and projects.

As you grow in your role there will be plenty of opportunities for you to expand and shape the kind of detection and threat hunting you do within the SOC, as well as career and professional development opportunities for the enthusiastic.

What is in it for you?

  • Real, Complex Incident Responses.
  • Hands-On Cloud Security Work.
  • Accelerated Growth: work on cases that go beyond conventional scenarios, pushing your technical expertise forward and positioning you as a subject matter expert over time.
  • Impactful Environment: a dedicated group of security professionals passionate about solving complex challenges and protecting clients worldwide.

What you can do for us:

  • Conduct threat hunting operations in the most complex and critical environments.
  • Analyse adversary activity and communicate findings to customers as part of our fast-paced, time-sensitive mission to help stop breaches.
  • Undertake research to improve our detection capabilities and increase our understanding of our adversaries.
  • Leverage network/host-based intrusion analysis, and cyber threat intelligence to uncover and analyse intrusions.
  • Gain fast-paced experience in dealing with state-sponsored threat actors.
  • Take on responsibilities for hunting specific nation-state adversaries in our immense data set.
  • Analyse log data to detect active threats within the network using knowledge of the current threat landscape, threat actor techniques, and the internal network.
  • Perform advanced threat research to proactively identify potential threat vectors and work with engineering and security teams to improve prevention and detection methods.
  • Develop expertise on the threat landscape using internal data, threat trends, and operational metrics to clearly communicate the threat landscape to senior executives.
  • Proactively build and maintain relationships with partner teams, including but not limited to Cyber Intelligence, Red Team, Insider Threat, and CSOC.
  • Coordinate with multidisciplinary teams across operations, intel, and engineering to iteratively improve security controls and detection capabilities.
  • Conduct time-sensitive analysis during cyber investigations, including active threat hunting and malware analysis.
  • Identify gaps in logging capabilities and develop and propose strategies to fill gaps.
  • Identify and propose automated alerts for new and previously unknown threats. Collaborate with teams across the Cyber organization to mitigate risk by testing, deploying, and developing investigative playbooks.
  • Automate repetitive hunt processes using a wide range of tools and techniques.
  • Identify and enhance processes where automation has the potential to improve efficiencies, provide actionable data, and facilitate collaboration.
  • Mentor other analysts in project execution and tactical upskilling; conduct brown bag lunches to teach specialized skill sets.

What we are looking for:

  • 4+ years of hands-on experience in a Security Operations Center.
  • Experience as a user/admin of EDR, SIEM and SOAR solutions; SentinelOne/CrowdStrike and Microsoft/Elastic/Splunk are preferred.
  • MITRE ATT&CK and Cyber Kill Chain frameworks are your mantra.
  • Effective self-learning and multitasking skills.
  • Fluent in English (min. B2-C1).
  • One or more of the following certifications: OSCP, CEH, or a GIAC certification such as GCIH, GCFA or GREM.

Salary:

Salary? Firstly, we value personality and want to get to know you as a professional. We do not set financial limits for the position and try to find common ground with each candidate individually. Let’s find out how we can benefit each other.

About other benefits:

  • $$$ for the right candidate.
  • Training and career development programs (HTB is part of our mandatory team development).
  • Continuous internal training and workshops. A lot of them.
  • Team. That’s what really matters. Rare and cool people, personalities, pros.
  • An innovative and dynamic work environment focused on product development.
  • Remote/Flexible working hours to accommodate personal commitments.
  • Opportunities for global collaboration with teams around the world.
  • Cool customers. Freedom to Build it RIGHT! Finally. Quick decision making.
  • Other perks are available; accept the offer to find out.

About this position

Location

Remote/Office

Employment type

Full time

Department

SOC

Got Questions?
Let Us Help!

Ulyana Volynets
Recruitment Specialist