Threat Hunter (Proactive Detection Specialist) (RARR Job 6259)

We are seeking an experienced Threat Hunter to proactively identify, investigate, and mitigate advanced cyber threats across enterprise environments. The ideal candidate will possess deep expertise in threat hunting methodologies, adversary tactics and techniques, threat intelligence analysis, and security analytics. This role will focus on uncovering hidden threats, identifying detection gaps, and enhancing the organization's threat detection capabilities across SIEM, UEBA, NDR, EDR, and Deception platforms.

Key Responsibilities

• Conduct proactive threat hunting activities using hypothesis-driven, IOC-driven, and anomaly-driven methodologies.

• Leverage MITRE ATT&CK framework to identify adversary tactics, techniques, and procedures (TTPs) and improve detection coverage.

• Analyze security telemetry across SIEM, UEBA, NDR, EDR, network, endpoint, cloud, and deception platforms to identify hidden threats and malicious activities.

• Develop advanced threat hunting queries, behavioral analytics models, detection logic, and anomaly detection use cases.

• Identify gaps in existing security monitoring and detection capabilities and recommend improvements.

• Collaborate with SOC, Incident Response, and Threat Intelligence teams to investigate emerging threats and suspicious activities.

• Develop threat intelligence reports, threat actor profiles, attack trend analysis, and strategic recommendations.

• Support detection engineering initiatives by creating and optimizing correlation rules, analytics models, and hunting content.

• Participate in purple-team exercises, adversary emulation activities, and threat simulations.

Required Qualifications

• Minimum 6 years of cybersecurity experience with at least 3 years focused on threat hunting.

• Strong expertise in MITRE ATT&CK framework and threat hunting methodologies.

• Experience with SIEM, UEBA, NDR, EDR, Threat Intelligence Platforms, and Deception technologies.

• Strong understanding of advanced attack techniques, APT groups, malware behavior, and threat actor profiling.

• Experience in developing detection content and advanced hunting queries.

 Mandatory: At least two active certifications from — GCTI, GCFA, GCIH, GNFA, OSCP, OSTH, CREST CPSA/CRT, or equivalent. SANS GIAC threat hunting or forensics certifications strongly preferred.

Preferred Skills

• Threat Hunting
• Threat Intelligence
• Detection Engineering
• MITRE ATT&CK
• SIEM / UEBA / NDR
• Threat Analytics
• Purple Teaming
• Adversary Simulation