Posted in General Business 30+ days ago.
Type: Full-Time
Location: Chicago, Illinois
As part of Northern Trust's Global Threat Management team, conduct cyber threat hunting missions under the supervision of the senior cyber threat hunter and in collaboration with the Northern Trust Cyber Coordination Center. Cyber threat hunting includes threat research, threat detection creation, initial triage/forensic operations, and the ability to devise creative solutions to cutting-edge threat challenges.
Responsibilities:
Monitor the threat landscape for changes in adversary Tactics, Techniques, and Procedures
Conduct threat hunts under the direction of the senior hunting analysts
Identify novel threats and create response procedures on the fly, if necessary
Collaborate with the NT Cyber Coordination Center and Cyber Threat Intelligence teams
Perform network, host, identity and/or cloud forensics, as required (not all of these skills are required upon hire)
Provide outside-the-box mitigations to emerging threats, as necessary
Work with vendors to enhance cyber threat hunting and detection capabilities
Qualifications/Experience
Attention to detail and excellent critical thinking and problem-solving skills
Strong analytical skills and the ability to sift through large amounts of log data to identify anomalies and patterns
Bachelor's degree in Computer Science, Engineering or a related field. Alternatively, a degree in logic, philosophy, systematic theology or a related discipline with the ability to apply its concepts to technology.
In lieu of a Bachelor's degree: relevant military experience, certification, or the ability to clearly demonstrate competence through experience.
Assist in the scoping and execution of cyber threat hunt operations based on intelligence, current vulnerabilities/trends or business need
Experience with security monitoring and investigative technologies such as SIEM, EDR, UEBA and host-based forensic tools
Familiarity with industry-wide frameworks such as MITRE ATT&CK and the Cyber Kill Chain
Maintain awareness of current threats and actors and their motives, techniques, tools and procedures
Assist the NTC3 with incident response during major incidents
3-5 years of experience in threat hunting, incident response or SOC operations
Industry related certifications such as: GIAC GSEC, GCIH, GCFE, GCFA, CISSP, OSCP
Additional Information