
Senior Cyber Threat Hunter - Microsoft Defender

Sheryl strategic solutions Pvt. Ltd.
Multiple Locations
8 - 10 Years

Posted on: 14/01/2026

Job Description

Description :

Senior Cyber Threat Hunter

Experience : 8+ Years

Duration : 3 Months+ (Contract/Extensible)

Role Summary :

We are seeking a highly specialized Senior Cyber Threat Hunter to lead proactive, intelligence-driven investigations across a complex enterprise environment. This role is built for a technical expert with a "hunter" mindset: someone who does not wait for alerts but actively seeks out adversaries that existing controls have not detected. You will spend 80% of your time executing sophisticated, intelligence-led hunts and 20% supporting deep-dive investigations into historical security incidents.


Success in this role requires a mastery of adversary behaviors, a deep understanding of vulnerability landscapes, and the technical agility to pivot through data using Splunk and Microsoft Defender. While playbooks are provided, you must possess the independent diagnostic skills to navigate unique, non-linear attack scenarios. We prioritize technical skill and analytical curiosity over specific industry background; we need a professional who can think like an attacker to defend like an expert.

Responsibilities :

- Intelligence-Driven Hunting : Execute queued, high-priority hunts representing 80% of core duties, proactively identifying threats that bypass traditional security controls.

- Splunk Mastery : Build and refine advanced Splunk queries (SPL) rapidly, aggregating and correlating data across disparate enterprise-wide sources to uncover anomalies.

- Endpoint Detection & Response : Utilize Microsoft Defender for Endpoint (MDE) and Microsoft Defender for Office 365 (MDO) at an expert level to investigate process trees, file integrity, and suspicious endpoint behaviors.

- Intelligence Interpretation : Deconstruct complex intelligence reports to determine targeted assets, attack flows, and specific adversary tactics, techniques, and procedures (TTPs).

- Adversary Behavior Analysis : Map discovered activities to the MITRE ATT&CK framework, identifying detection gaps and suggesting mitigation strategies.

- Incident Support : Dedicate 20% of efforts to supporting the Incident Response (IR) team by investigating past security breaches and extracting forensic artifacts.

- Attack Methodology Mapping : Understand and simulate the flow of an attack through the environment to proactively identify where detection or mitigation is weakest.

- Security Control Optimization : Collaborate with the security engineering team to refine detection logic based on successful hunt outcomes.

- Collaboration & Knowledge Sharing : Work as a high-impact team player, sharing technical insights and documented hunt results to elevate the overall security posture.

- Continuous Learning : Maintain an up-to-date understanding of the global threat landscape, emerging vulnerabilities, and evolving exploit methodologies.

Technical Requirements :

- Expert Tooling : Must have expert-level experience with Splunk (Advanced query building) and Microsoft Defender (EDR/XDR management).

- Threat Hunting Experience : Proven track record of conducting hands-on, proactive threat hunts in a large-scale enterprise environment.

- Technical Literacy : Deep understanding of vulnerabilities, adversary behaviors, and the modern cyber-attack lifecycle.

- Data Synthesis : Ability to build advanced queries quickly using multiple data sources and complex correlation logic.

- Adversary Emulation : Strong knowledge of attack methodologies, including lateral movement, privilege escalation, and persistence mechanisms.

Preferred Soft Skills :

- Natural Curiosity : An innate drive to investigate unique scenarios and "dig deeper" into technical anomalies.

- Analytical Thinking : The ability to connect disparate data points to form a cohesive picture of a potential breach.

- Self-Motivation : Ability to operate independently in a fast-paced environment with minimal supervision.

- Collaborative Attitude : An easygoing, team-first approach with a strong focus on knowledge sharing and collective defense.

- Agility : Capability to switch between proactive hunting and reactive investigation support without losing technical focus.

