Sr Threat Hunter

Senior Threat Hunter

The Senior Threat Hunter combines exceptionally advanced mathematics, statistics, deep knowledge of attack vectors, and network protocols to detect novel and existing cyber and fraud attacks. This role generally requires working in an AWS cloud big data environment using tools such as Athena, Sagemaker and other AI/ML tools to detect emerging threats and ongoing attacks. Additional related skills include malware analysis, system engineering/administration, big data engineering and a solid basis of understanding fraud.

Guides and mentor's Hunters into Sr. Hunter positions. Leads implementation of new tools and ways to dissect data into stories that help us understand the data. Significant overlap with the role of a data scientist. Important member of and contributor to financial threat intelligence and information sharing communicates. Is seen as an advanced, expert contributor to cyber and fraud detections in the financial information sharing community.

Position Duties/Responsibilities:

Threat Detection

Utilizes expert domain knowledge in cyber or fraud to perform the following:

• Performs innovative detection development through hypothesis and supporting research.
• Creates industry novel data products and detections based on existing and emerging data sources.
• Performs engineering detections for novel, zero day, and existing threats using SQL, Hadoop, Hive, Athena, Python, Pandas, regex, scripting, other big data tools.
• Executes exceptionally complex analysis of disparate data sources.
• Performs emerging threat and threat landscape research.
• Provides forensic cyber and fraud event analysis.
• Work closely with partners in Cyber, Fraud, and Technology to respond to incidents and events.
• Identifies means to reduce fraud loss.
• Identifies means to reduce cyber-attack effectiveness.
• Looks for continuous improvement of detections for operationalization.
• Expert Open Source Intelligence (OSINT) research.

New Threat Detection Analysis

• Engineers big data solutions to support new threat detections.
• Proactively expands hunter tools and techniques.
• Proactively acquires and analyzes emerging data sets, tools, and processes.
• Performs technical design of systems to support efficient flow and storage of data.
• Performs logical design of systems to support powerful, complex analysis.
• Champions big data threat hunting platform for new data sources and use cases.
• Provides expert guidance for development of AI/ML/Deep learning data models.
• Provides expert level architecture guidance in development of security and fraud systems.
• Provides expert level architecture guidance in development of big data systems.

Industry Expert Cyber and Fraud Consulting

• Works closely with partners in Cyber, Fraud, and Technology to solve problems.
• Escalation point for cyber incidents, events, and malware research.
• Provides expert guidance on fraud events, trends, mitigation strategies.
• Provides expert guidance on fraud actor Tactics, Techniques, and Protocols (TTP) and evaluate solutions.
• Provides expert knowledge of attack vectors such as SQL injection, remote code execution, synthetic identity, wire fraud, check fraud, lateral movement.
• Identifies and mitigates threat vectors unique to the shared cyber/fraud attack surface.
• Advocates cross-pollination of tactics/investigate procedures in between fraud and cyber spaces.

Planning and Organizing

• Identifies - evaluates projects, products, and solutions to enhance threat detection and other capabilities.
• Provides expert guidance on highly complex, large projects to incorporate cyber and fraud detection capabilities and considerations.
• Participates in industry working and information sharing groups.
• Leads discussions or workshops in industry working and information sharing groups.

Administration

• Keeps management informed of status of threats, the threat landscape, and current incidents and events through appropriate reporting.
• Designs and implement improved ways to catalog hunting.
• Designs and implement material advances to the craft of threat hunting.
• Actively participates on committees representing Cybersecurity.
• Keeps abreast of leading-edge technologies in the threat detection space.
• Other duties as assigned.