BTB Security has a need for a Cyber Security Threat Hunter to assist our clients with detecting and responding to security threats within their organization. The Threat Hunter will work within BTB Security’s Threat Operations and focus on BTB Security’s Managed Detection and Response service, RADAR.
- Hunt Threats by Leveraging RADAR Intelligence and Tools
RADAR houses a myriad of security data from our clients’ environments. The Threat Hunter will leverage RADAR intelligence, investigative tools, and automated alerting to identify threats to our clients.
- Investigate High Confidence Alerts
RADAR automated intelligence produces high confidence alerts that require immediate action and investigation. The Threat Hunter will respond to high confidence alerts, investigate root cause, provide clients with actionable recommendations, and eradicate the threat.
- Enhance Threat Hunting Tools and Techniques
Automated intelligence and investigative tools require constant improvement to combat threats posed by the modern adversary. The Threat Hunter will assist in developing new tools and techniques, and improving existing ones, for detecting and responding to security events and incidents.
- Mentor Threat Operations Team
The Threat Ops team at BTB is comprised of individuals with varying degrees of experience. The Threat Hunter is expected to mentor junior team members during investigation and alert triage.
- Perform Incident Response
The Threat Hunter will engage with clients during the incident response process to ensure identified security threats are eradicated. Root cause analysis, preventative control evaluation, and detective control development must be conducted to reduce the risk of the event occurring again.
Required Technical Skills
- Network Architecture and TCP/IP
- Windows System Architecture
- Linux System Architecture
- Application protocols such as DNS, SMTP, HTTP, SMB
- Modern Threat Actor Tactics, Techniques, and Procedures
- Incident Response and Threat Eradication
- Programming/Scripting (e.g., Python)
- Cyber Threat Intelligence
  - Assess and Integrate External Intelligence
  - Develop Internal Intelligence
- Strong interpersonal, communication, and writing skills
- Prior Red/Blue Team Experience
- Technical writing and reporting skills
- Ability to work independently or collaborate with a team
- Background and experience in one or more of the following:
  - Information Security
  - Network Architecture/Engineering
  - Reverse Engineering
  - Incident Response
  - Adversary Tracking