Job Description
Cyber Threat Hunter will be responsible for leading and executing proactive cybersecurity initiatives to identify and mitigate advanced cyber threats. Working closely with the cybersecurity team, Cyber Threat Hunter will employ advanced threat-hunting techniques, leverage threat intelligence, and utilize cutting-edge tools to detect, analyze, and respond to complex cyber threats. This role will involve mentoring junior threat hunters, collaborating with cross-functional teams, and enhancing the organization’s threat-hunting capabilities. Cyber Threat Hunter focuses on both proactive and reactive cyber threat hunting operations across Kaiser Permanente networks to continuously identify and disrupt the adversary while consistently improving detection capability and efficiency for Kaiser Permanente’s security solution controls.
Essential Responsibilities
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
- Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- Coordinate with intelligence analysts to correlate threat assessment data.
- Identify systemic security issues based on vulnerability and configuration data analysis.
- Apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
- Interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).
- Share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
- Detect host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Recognize and categorize types of vulnerabilities and associated attacks.
- Perform packet-level analysis.
- Identify cyber threats that may jeopardize organization and/or partner interests.
- Monitor target or threat situations and environmental factors.
Minimum Qualifications
- Bachelor’s degree in Information Technology, Computer Science, or a related field and a minimum of 6 years experience within a Security Operations Center (SOC) environment as a Cyber Threat Hunter, Cyber Threat Intel Analyst, or Cybersecurity Analyst.
- Additional equivalent work experience of three years may be substituted for the degree requirement, in addition to the minimum years of experience (9 years total).
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
- Knowledge of cyber attackers and attack stages.
- Knowledge of network- and host-based cybersecurity investigation techniques.
Additional Requirements
- Ability to work with others collaboratively, leveraging multiple project management approaches (Agile/Scrum, Waterfall, Gantt charts, etc.).
- Comfortable working remotely with team members around the country.
- A self-starter with intellectual curiosity.
- Development of technical documents or presentations.
Preferred Qualifications
- Experience with open-source and commercial security management tools.
- Experience with Snort.
- Experience in the operation of Splunk or SIEM solutions.
- Experience researching, developing, and implementing data-driven threat detection capabilities.
- Relevant security certifications such as SANS/GIAC (GCIA, GCIH, GCFA, etc.).
Benefits
- Transportation.
- Life insurance.
- Medical insurance.
- Solidarity association.
- Growth plans.
- Additional days off.
K4