
Senior Adversary Pursuit Engineer
Posted 8 hours ago

This is a fully remote position, open to applicants in the United States.
• Develop and implement functions within Flock’s Adversary Pursuit initiative.
• Assist in designing and executing threat hunts, technical cybersecurity drills, and tactical threat intelligence gathering.
• Collaborate closely with the Offensive Security team to ensure effective threat detection.
• Support enhancements to the Security Operations team's incident response capabilities.
• Innovate new techniques to identify and detect threats across a valuable public-private safety network.
• Define and carry out hunts, assessing and prioritizing visibility and detection deficiencies.
• Aid in response operations involving thousands of deployed hardware devices and cloud infrastructure.
• Create technical exercises against Flock’s complete technology stack to boost preparedness and readiness.
• Evaluate success through the development and execution of threat hunting capabilities and enhanced readiness to respond.
• A minimum of 5 years of experience in cybersecurity, with at least 3 years concentrated on DFIR/Threat Hunts.
• Extensive technical knowledge in executing DFIR and adversary threat hunts across varied environments (corporate systems, cloud - AWS/GCP/Azure, and operational technology networks).
• Experience conducting DFIR on Android IoT devices.
• Profound experience with enterprise security tools (SIEM, EDR, etc.) as well as crafting proprietary tools/scripts to enhance team capabilities.
• Familiarity with sandboxing technology to assist in analyzing suspicious binaries and scripts; hands-on reverse engineering experience is a plus.
• Practical experience integrating security automation tools (Torq, Tines, SIEM native, etc.) and AI tools (LLMs, agentic workflows) to streamline security operations.
• Map findings to the MITRE ATT&CK framework to pinpoint coverage gaps and enhance detection posture.
• Well-versed in utilizing cyber threat intelligence to refresh requirements, prioritize collection sources, and incorporate technical TTPs to inform and prioritize hunts.
• Develop and fine-tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma) based on hunting results to avert future occurrences.
• Assist in crafting technical tabletop exercises, ensuring scenario relevance to the organization’s risk profile and alignment with real-world cyber incidents.
• Collaborate with Cybersecurity, Engineering, and Product teams to plan and execute threat hunts, providing detailed findings and data-driven recommendations for cybersecurity and architectural enhancements.
• Work in close partnership with the Offensive Security team to conduct regular testing and validation of custom detection rules.
• Act as a Tier 3 escalation point for SOC analysts; conduct deep-dive root cause analysis on complex security incidents.
• Flexible PTO: We provide non-accrual PTO, in addition to 11 company holidays.
• Comprehensive health benefits plan for employees, including Medical, Dental, Vision, and HSA matching.
• Family Leave: All employees are entitled to 12 weeks of fully paid parental leave, with birthing parents eligible for an additional 6-8 weeks for physical recovery.
• Fertility & Family Benefits: We have partnered with Maven, a complete digital health benefit for starting and raising a family. Flock will provide a $50,000 lifetime maximum benefit for eligible adoption, surrogacy, or fertility expenses.
• Spring Health: Offers a range of mental health benefits, including therapy, coaching, medication management, and personalized digital tools.
• Caregiver Support: We collaborate with Cariloop to provide caregiver support for our employees.
• Carta Tax Advisor: Employees receive 1:1 sessions with Equity Tax Advisors to address individual grants, model tax scenarios, and answer general inquiries.
• ERGs: We strive for all employees to thrive and feel a sense of belonging at Flock. Currently, we have four ERGs - Women of Flock, Flock Proud, LEOs, and Melanin Motion. If you're interested in connecting with a representative from one of these groups, please inform your recruiter.
• WFH Stipend: $150 per month to assist with the costs of working from home.
• Productivity Stipend: $300 per year to use on platforms like Audible, Calm, Masterclass, Duolingo, and more.
• Home Office Stipend: A one-time $750 to help you build your ideal office space.