Threat Hunting Analyst
As a Threat Hunting Analyst you will be part of a team building new capabilities for an XDR platform, focused on incident response, threat hunting and collaboration. You will have the opportunity to help shape the product as well as its Threat Hunting and Incident Response workflows.
You'll help research novel threat detection techniques and build detection capabilities into the product. You will collaborate with our Threat Intelligence team to develop threat hunting packs that protect our customers.
As an ideal candidate, you have relevant experience working in a Security Operations Center and have been exposed to Threat Hunting and Detection Engineering.
- Engage with the cyber security community;
- Analyze emerging threats and reports;
- Create, test and improve threat detection mechanisms such as rules and queries;
- Digest community feedback;
- Work with the product team to help define features of the XDR platform.
- GIAC (GCIH, GCDA, GMON), SANS (SEC504, SEC599, FOR578), EC-Council (ECIH, CHFI, CSA) or similar certifications;
- 5+ years of professional experience in cyber security and incident response;
- Experience with building threat detection mechanisms;
- Experience with threat hunting and incident response;
- Experience with intelligence analytic techniques;
- Deep knowledge of adversary tactics, techniques and procedures (TTPs);
- Working knowledge of translating threat reports and Cyber Threat Intelligence content into detection mechanisms;
- Knowledge of adversary emulation methodologies;
- Knowledge of the MITRE ATT&CK framework, Threat-Informed Defense and the Diamond Model;
- Familiarity with EDR, XDR, SIEM, SOAR products;
- Knowledge of scripting (Python, PowerShell, Bash);
- Experience with offensive security tools (Metasploit, Nmap, Maltego, Mimikatz, Atomic Red Team);
- Experience with detection languages and engines (Sigma, YARA, osquery, Snort);
- Data analysis skills;
- Attention to detail paired with a cooperative nature;
- Up-to-date knowledge of recent developments in the area of Cyber Security and Cyber Threats.
We offer a full-time position with a market-conform salary, 24 annual holidays, and an appealing education scheme. On top of that, we have a hip, home-like workplace in the heart of Amsterdam where you can work with (and build) the latest technology. Our teams are humble, effective, transparent and lifelong learners; while we love experiments and research, we are not afraid to make decisions. We are backed by international investors to build the future together!
EclecticIQ is a global threat intelligence, hunting and response technology provider. Its clients are some of the most targeted organizations globally. To build tomorrow's defences today, they have to understand the threats against them and align their efforts and investments to mitigate their risks. EclecticIQ helps governments, large enterprises and service providers manage threat intelligence, create situational awareness and adopt an intelligence-led cybersecurity approach. EclecticIQ extended its focus towards hunting and response with the acquisition of Polylogyx's endpoint technology in 2020. Founded in 2014, EclecticIQ operates globally with offices across Europe and North America, and via value-add partners.
More info: www.eclecticiq.com
In case of any questions or queries, please reach out to our Talent Management Partner at [email protected]
The selection process may include security screening and/or background checks.
All you need to do is fill out our application form below.