Cyber Threat Hunter
- Lincoln Ave, Lone Tree, CO, USA
ClientSolv Technologies is an IT solution firm with over a decade of experience serving Fortune 1000 companies, public sector and small to medium sized companies. ClientSolv Technologies is a woman-owned and operated company that is certified as a WMBE, 8a firm by the Federal government's Small Business Administration.
We are seeking a Cyber Security Threat Hunter for a contract-to-hire opportunity in Englewood, CO.
The focus of the Cyber Security Threat Hunter is to distinguish, interrupt and suppress threat actors on enterprise networks. To execute this mission, the Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies. Working within the Security Analysis and Operations Team, the Cyber Security Threat Hunter is responsible for detecting and assessing cyber security events and incidents across the enterprise environment. Threat Analysts will also participate in developing processes, procedures, training, etc. for new technologies. The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.
Job Duties and Responsibilities:
- Examine alerts from various security monitoring tools, perform triage & determine scope of threats; escalate as necessary.
- Develop and analyze dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
- Coordinate with End user computing groups that are exhibiting unusual behavior (i.e. excessive firewall denials, Okta logins from unusual geo-locations) to have them assist in troubleshooting/remedying the issues.
- Assist with tickets relating to whitelisting & user internet access by researching the domains being requested for security/reputation, liaising with users for additional details, and passing the tickets along for implementation in the proxies
- Manage various Proof-of-Concept implementations for threat hunting platforms/tools to evaluate if they would be beneficial for the organization by providing additional visibility into the enterprise environment and increasing incident response time.
- Provide Tier 2 & Tier 3 support as needed
- Keep up-to-date with information security news, techniques, and trends
- Become proficient with Ticketing system and workflow management
- Become proficient with third-party threat intelligence tools as required
- 3+ years’ experience in Information Security
- Experience with traditional security tools found in enterprise network environments:
- Active Directory
- Vulnerability assessment tools
- Cyber Threat Hunting Experience
- Experience with data analysis
- Experience with SIEM
- Experience with cyber threat intelligence
- Experience with software vulnerabilities & exploitation
Nice to have:
- Experience with EDR (Desired)
- Prior experience working with in the following areas:
- Computer Incident Response Team (CIRT)
- Computer Security Incident Response Center (CSIRC)
- Security Operations Center (SOC)
- Experience with malware analysis
- Experience with APT/crimeware ecosystems
- Degree in Information Security or Information Technology
- The following certifications are strongly desired:
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- SANS Institute/GIAC ISC2
This contract to hire role is located onsite in Englewood, CO.