Senior Threat Hunting Specialist (+AI)

EPAM·Poland·Удалённо·5д. назад

We are seeking a Senior Threat Hunting Specialist (+AI) to proactively identify, investigate, and mitigate advanced cyber threats targeting the organization by conducting hypothesis-driven threat hunting across enterprise environments. The role involves analyzing attacker tactics, techniques, and procedures (TTPs) to detect stealthy or previously unknown threats, while supporting incident response activities by providing deep investigative insights and contributing to the continuous enhancement of detection and defense capabilities.

Responsibilities

Conduct proactive threat hunting across endpoints, networks, cloud platforms and security data sources to identify hidden threats and anomalous behavior
Develop and execute threat hunting hypotheses based on intelligence, indicators of compromise (IOCs) and attacker TTPs
Analyze large datasets including logs, endpoint telemetry, network traffic and threat intelligence feeds to detect malicious activity
Identify advanced persistent threats (APT), insider threats and sophisticated attack patterns that bypass traditional security controls
Perform deep-dive investigations into suspicious activities and support incident response teams during active incidents
Reverse-engineer attack behavior and analyze malware artifacts where required to understand adversary activity
Develop custom detection logic, queries and use cases (e.g., SIEM, EDR, XDR) to enhance visibility and detection coverage
Refine and improve threat hunting methodologies, playbooks and standard operating procedures on a continuous basis
Leverage threat intelligence to identify emerging relevant threats and align hunting activities accordingly
Conduct memory analysis, log correlation and network forensics to validate potential threats
Collaborate with SOC, Incident Response, Digital Forensics and Threat Intelligence teams to strengthen detection and response capabilities
Document threat hunting findings, including identified threats, detection gaps and remediation recommendations, and maintain dashboards and reporting for stakeholders

Requirements

Bachelor's degree in Information Security, Computer Science, Cybersecurity or equivalent
5+ years of experience in cybersecurity, with strong focus on threat hunting, incident response or security operations
Expertise in hypothesis-driven threat hunting across endpoints, networks and cloud platforms
Proficiency in analyzing attacker tactics, techniques and procedures (TTPs), IOCs and APT behavior
Skills in developing custom detection logic, queries and use cases for SIEM, EDR and XDR platforms
Competency in malware analysis, reverse engineering and analysis of adversary artifacts
Background in memory analysis, log correlation and network forensics
Capability to analyze large datasets including logs, endpoint telemetry and threat intelligence feeds
Familiarity with red/purple team activities, breach and attack simulations and detection validation exercises
Flexibility to work within, or very close to, UAE business hours
Upper-Intermediate English language proficiency (B2)

Nice to have

Certified Information Systems Security Professional (CISSP)
GIAC Certified Incident Handler (GCIH) or GIAC Certified Forensic Analyst (GCFA)
Certified Threat Intelligence Analyst (CTIA)
Certified Ethical Hacker (CEH) or Certified Reverse Engineering Analyst (CREA)
CompTIA Security+