Senior Cyber Threat Hunter

Senior Cyber Threat Hunter

• We are one of the largest Cyber Security Teams in the Southern Hemisphere
• Fantastic opportunity to work with some of the best security minds in the industry

See yourself in our team: 

The Cyber Threat Hunting Team (HUNT) is a multicultural, skilled and diverse team with passion for DFIR, data analytics and understanding cyber threat actor behaviour. Our mission is to actively discover and disrupt adversarial operations that have evaded standard security controls to improve the Group's cyber resiliency. We are part of Cyber Detection & Response (D&R), responsible for proactively hunting, detecting, containing, and remediating attacks from cyber threats against the organization's internal ecosystem.

Team Values:

• We are culturally inclusive, we value diversity, kindness and respect above all.
• We take pride in mentoring people and helping them grow.
• We take responsibility for our commitments and ensure blockers are discussed as early as possible to deliver on our outcomes.

Do work that matters:

• Lead and participate in threat hunt missions targeting potential adversarial activity in our system.
• Advance our Detection & Response mission by developing new tactics for cyber threat analysis.
• Conduct data analysis at scale, threat research, intelligence analysis, OSINT investigations, playbook development, and automation.
• Collaborate with Threat Intelligence, Incident Response, Detection Engineering, and Cyber Attack Analysis teams to ensure high-impact findings are actioned in time.
• Communicate identified control gaps and detected adversary activity to the appropriate teams. Translate findings into actionable insights.
• Develop hunting hypotheses and use-cases, using OSINT information and insight gathered by Blue and Purple Teams.
• Mentor team members and contribute to the development of threat hunting playbooks.
• Identify and develop automation opportunities to streamline Threat Hunting processes.
• Triage vulnerabilities and high-risk threat actor activities, ensuring protection against identified threats.
• Track hunt mission performance metrics and drive continuous improvement.

​ 

We are interested in hearing from people who have : 

• Ability to work autonomously and engineer solutions to complex problems.
• Strong mentoring skills and a passion for helping colleagues grow.
• You enjoy transitioning between various levels of analysis.
• When challenged by ambiguous and uncertain requirements, you craft practical and minimally viable solutions that can be improved iteratively.
• You engage people with curiosity and ensure stakeholders are kept up to date.

Qualifications: 

• Minimum 3+ years in DFIR or similar roles (Senior, Principal, or experienced L3 SOC Analyst).
• Solid Splunk knowledge and hands-on experience investigating real-world cyber attacks in various environments (on-premise and cloud).
• Understanding of forensic artifacts relevant to different attack scenarios.
• Exposure to offensive security principles and hacking techniques.
• Familiarity with frameworks like MITRE ENGAGE, MITRE ATTACK FLOW, and MITRE ATT&CK.
• Practical experience with YARA, SIGMA, and SNORT rules.
• Understanding of the Threat Intel cycle and OSINT techniques.

Nice to have: 

• Automation experience using Python and familiarity with GenAI.
• Experience developing Jupyter Notebooks for data analysis or prototypes.
• Exposure to Agile and/or DevOps principles.
• Experience engineering detections based on attacker tradecraft and available telemetry.
• Relevant certifications such as GCFA, GCFR, GCIA, GEIR, GCDA, OSCP are a plus.

Accessibility

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.

Advertising End Date: 16/04/2025