Threat Hunting Researcher, Unit 42 MTH

This is a fully remote position, open to applicants in Florida.

📋 Description

• Assist multinational companies in staying ahead of adversaries and cyber threats.

• Work alongside and advise our clients on optimal strategies to bolster their security and preparedness for future incidents.

• Enhance Palo Alto Networks' offerings by identifying and evaluating emerging threats and tactics.

• Shape the industry by disseminating knowledge and insights.

• Collaborate with various research and development teams.

• Contribute to creating a safer and better world.

• Engage in daily threat hunting activities across all data sources.

• Address the latest cybersecurity research initiatives and attacks on a daily basis.

• Formulate hypotheses, implement manual hunting techniques, collect and analyze results, conduct forensic activities, and produce reports.

• Become part of a global team of experts who tackle threats and adversaries on a worldwide scale every day.

• Expand your expertise and experience across all areas of cybersecurity: Network, Endpoint, Cloud, IoT, Mobile devices, and 3rd-party vendor data sources.

• Design, develop, and implement innovative hunting hypothesis methodologies to reveal threats, comprehend their root causes, and attribute them.

⛳️ Requirements

• Comprehension of the threat landscape, including attack tools, tactics, and techniques, as well as foundational networking and security principles.

• Experience in investigating targeted, sophisticated, or concealed threats in both endpoint and network environments.

• Over 3 years of relevant experience with a demonstrated history in cybersecurity research, focusing on APTs or cybercrime, while being capable of addressing the broader threat landscape.

• Background in forensic analysis and incident response tools (both Dynamic and Static, such as IDA Pro, Ollydbg, and Wireshark) to identify threats and evaluate the extent and scope of compromises.

• Understanding of APT operations, encompassing attack vectors, propagation, data exfiltration, lateral movement, persistence mechanisms, and more.

• Acquainted with organizational cybersecurity measures, including protective tools and remediation strategies.

• Exceptional written and verbal communication skills in English.

• Strong attention to detail.

• Knowledge of advanced threat hunting methodologies and the capacity to develop innovative techniques.

• Experience in an Incident Response environment is a plus.

• Proficiency in Python and SQL is advantageous.

• Familiarity with reverse engineering is beneficial.

• Ability to simplify and clarify complex concepts.

• Experience in crafting technical blog posts and analysis reports.

• Capability to analyze and comprehend the infrastructure of malicious campaigns.

• Self-motivated individual who can work independently and adapt to shifting priorities.

🏝️ Benefits

• Employee benefits information not explicitly stated.