Cfc Cti Expert Cyber Threat Hunter - Heredia, Costa Rica - Experian

Experian
Experian
Empresa verificada
Heredia, Costa Rica

hace 1 semana

Andrea Rodríguez

Publicado por:

Andrea Rodríguez

beBee Recruiter
Descripción
Company Description

Experian is the world's leading global information services company.

During life's big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence.

We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.


We have 20,000 people operating across 44 countries and every day we're investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.


Job Description:


Experian Cyber Fusion Center (CFC) is seeking a Expert Cyber Threat Hunter to be part of a global Cyber Threat Hunting (CTH) team that promotes timely and actionable threat intelligence information.

This is an incredible opportunity to join a world-class organization and join a global team of highly skilled and innovative people to help us stay ahead of adversaries.

The CTH team focuses on defending against emerging threats, supporting cyber investigations, and delivering situational awareness to the business.

The Expert Cyber Threat Hunter serves as a member of the CTH team.

Perform all aspects of cyber threat hunting from preparation, hunting, and reporting to include:


  • Develop or contribute to developing core foundational components of the Cyber Threat Hunting program
  • Dedicate primary daily focus to hunt the Experian environment for threats and anomalies with intelligence gathered from Cyber Threat Intelligence sources
  • Brief findings to senior level management, technical and nontechnical leaders, as well as cybersecurity, risk, human resources, legal, and information technology practitioners
  • Conduct proactive and targeted hunting activities to identify and mitigate advanced threats that have bypassed traditional security controls with intelligence gathered from Cyber Threat Intelligence (CTI) sources, incident response, and forensic teams
  • Develop content that will drive CFC monitoring and detection (use cases, priority, actionable and relevant intelligence) this includes the creation of CTH products to describe and detail analysis
  • Develop processes and procedures for tactical information collection, analysis, processing, production, and dissemination
  • Develop greater holistic insight and adversarial mapping to MITRE ATT&CK tactics and techniques, Common Vulnerabilities and Exposures (CVEs), Indicators of Attacks (IOAs) / Indicators of Compromise (IOCs)
  • Ensure assignments are completed in an efficient and effective fashion; follow all processes and procedures outlined in the Wiki, SharePoint, and MS Teams
  • Closely monitor critical vulnerabilities, threat actors, threat actor campaigns, threat actor TTPs, and changes in the cyber threat landscape
  • Save past "hunts" or queries for tracking and collaboration purposes (saved work can transform onetime hunts into persistent queries)
  • Develop and maintain a repository of SOPs, playbooks, and checklists for hunting that aligns with MITRE ATT&CK techniques and the availability of current data
  • Assist with Incident Response analysis and forensic investigations when requested

Qualifications:


  • 7+ years of experience or equivalent skill level in a technical security role with a focus on threat hunting, threat intelligence, incident response, digital forensics, or related areas
  • Indepth knowledge of advanced threat actors, attack techniques, and malware analysis
  • Strong understanding of incident response processes, specifically with detection, response, and containment
  • Working knowledge of the Cyber Kill Chain Model, Diamond Model, Course of Action Matrix, and MITRE ATT&CK Matrix and how each methodology can be applied to cyber threat hunting
  • Extensive experience in detecting advanced attack methodologies via log analysis and/or endpoint tools, as well as event management tools, such as ArcSight, Splunk, or QRadar
  • Deep understanding of and ability to conduct packet analysis with deep packet inspection toolsets to support threat identification
  • Experience with at least one common scripting or programming language, such as Python, JavaScript, and/or PowerShell
  • Strong understanding of the Windows, Linux / *NIX, and macOS operating systems, as well as commandline tools
  • Strong knowledge of common tactics, techniques, and procedures used by threat actors and the tools and methods to detect and find them
  • Capable of developing detection signatures (YARA, SNORT)
Additional Information

Our benefits include:

Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

LI-GJ1

Experian Careers - Creating a better tom
Más ofertas de trabajo de Experian
Ver todas las ofertas de empleo de Experian