Teleperformance EMEA is looking for a qualified SOC Threat Hunter to proactively investigate security events in an effort to identify artifacts of a cyber-attack.
It will also be expected to participate in several different areas within Security Operations and Incident Response process;
these activities can include digital forensics, use case development, security control testing, and hunt plan development.
The SOC Threat Hunter Analyst will use data analysis, threat intelligence, and cutting-edge security technologies.
Working within the Security Operations Center team, the Threat Hunter is responsible for reviewing system log events and data packets to proactively detect advanced threats that evade traditional security solutions The Analyst will ensure that new environments are identified and understood to enable accurate and actionable reporting for other tiers of Security organization and additionally is expected to actively participate in developing processes, procedures, training, etc. for new technologies.
The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.
Job Duties and Responsibilities :
Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)
Capture intelligence on threat actor TTPs / IOCs and coordinate with SecOps pods to develop countermeasures
Provide forensic analysis of network packet captures, DNS, proxy, netflow, malware, host-based security and application logs, as well as logs from a variety of security sensors
Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools
Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to management
Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
Develop advanced queries and alerts to detect adversary actions
3+ years of experience in Information Security (Required)
1+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Required)
Experience with packet analysis and usage of deep packet inspection toolsets.
Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITER ATT&CK Matrix. (Required)
Familiarity with EDR / SOAR / Anomaly detection solutions
Prior experience working with in the following areas : (Desired)Computer Incident Response Team (CIRT)Computer Security Incident Response Center (CSIRC)Security Operations Center (SOC)
Experience with APT / crimeware ecosystems (Desired)
Industry certification such as the following : (Desired)SANS (GCIH, GPEN, GWAT, GXPN, GCFA, GCFE, GREM)Offensive Security (OSCP, OSWE, OSCE, OSEE)
Additional relevant information :
Personality is a big factor; they need to be able to communicate openly and clearly with other people on the team, leadership,
Candidate should possess a curious investigative mind, an interest in information security, and new & innovative technologies,
Job location : Athens, Greece
Forensic analysis : 1 year (Required)
Cyber Security : 3 years (Required)
DNS : 1 year (Preferred)
Malware Analysis : 1 year (Preferred)
Root cause analysis : 1 year (Preferred)
Threat Analysis : 1 year (Preferred)
What we offer :
Global, very collaborative, dynamic environment, can be demanding in terms of the critical nature of the business,
Possibility to work from home,
Individual trainings / certifications budget
Complete relocation support for successful candidates not located in Greece (flight ticket to Greece, 2-week hotel accommodation, assistance finding an apartment, real estate fee covered by us), when applicable
Threat Assessments Cyber Threat Intelligence threat hunter Information Security Cyber Security Malware Analysis
check circleBe one of the first to apply