Summary
Concentrix Corporation, a global leader in Customer Experience Solutions, is seeking a Threat Hunter Specialist as an individual contributor, reporting to the Threat Hunt Leader within the Cyber Threat Operations and Countermeasures department under the Concentrix Global Security team.
The Threat Hunter Specialist will be responsible for proactively seeking out threats, indicators of compromise, digital artifacts and evidence, misconfigurations, and control gaps.
This role will collaborate and align closely with Cyber Defense, Vulnerability Management, and Incident Response teams to enhance prevention, detection, response, and remediation capabilities.
This role is non-managerial and will be responsible for conducting threat hunts, ingesting threat intelligence, providing remediation recommendations, and assessing the impact of potential threat actors on Concentrix and its clientele.
This role will advise on new and emerging threats, search and determine gaps within configurations, deliver documentation with recommendations, and provide technology support to the overall Global Security mission.
Description
- Create automated detection methodologies to discover suspicious and anomalous behaviors and to identify command and control connections and indicators of compromise
- Provide operational contributions with the Cybersecurity Incident Response team by understanding current and past incidents, and proactively seeking trends or specifics to prevent future similar occurrences
- Perform analysis of previously handled incidents to determine effectiveness and potential operational enhancements
- Produce threat hunt metrics and key performance indicators
- Partner with business areas to test and ensure effectiveness of detections and alerts
- Develops tactics, techniques, and procedures for the identification, detection, and analysis of internal and external threats
- Executes threat hunts for known indicators and indicator-less artifacts in multiple network environments
- Conducts gap assessments on control library implementation and collaborates with stakeholders to enhance control hygiene
- Develops applicable process documentation and playbooks to operationalize workflows
- Partner with Threat Operation teams to conduct periodic cyber threat tabletop exercises and simulation scenarios
- Enhances enterprise-wide security knowledge and controls with threat indicators, cyber findings, and lessons learned
- Collaborates with, and ingests threat intelligence from, multiple sources
- Interacts and participates with the global cybersecurity community through multiple partners, forums, and organizations
- Demonstrates a level of familiarity with real-world vulnerabilities, exploits, payloads, and tactics across the threat actor spectrum
- Understands threat models and is intimately familiar with the MITRE ATT&CK Framework
- Interfaces with leadership and business partners through effective written and oral communication
- Ensures that leadership and key business personnel are educated and aware of both current and future threats, by communicating in a way that is easily understandable