Threat Hunter
7 days ago
The Rapid7 Managed Services Threat Hunting team is responsible for performing proactive, hypothesis-driven threat hunts across all Managed Detection and Response (MDR) customers to identify emerging cyber threats and malicious activity on networks and systems.
The Threat Hunter will work proactively to uncover malicious activity that may have been missed by traditional security measures, and will develop strategies to mitigate current and future threats. This role leverages internal and open source tools to accomplish threat hunting at scale. The Threat Hunting team is also responsible for coordinating closely with Rapid7’s Emergent Threat Response (ETR) program and working closely with related cross-functional teams.
About the Team
Rapid7’s Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale.
Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence.
About the Role
Rapid7’s Threat Hunters are tenacious individuals who enjoy analyzing threats and trends, both novel and tried-and-true, and using their heads to craft hypotheses that lead them on the hunt for the proverbial needle-in-a-haystack.
The day-to-day of a Threat Hunter may include conducting research on threat actor Tactics, Techniques, and Procedures (TTPs), determining what types of activities may be worthy of hunting for, and formulating the best method by which to dig through customers’ data in order to identify evidence of said TTPs; or, in the case of the swell-up of events qualifying for Rapid7’s Emergent Threat Response, assisting teams across Rapid7 in identifying ways to search for and notify customers of the next big evil thing that could be sitting right on their doorstep, waiting to pounce. Hunters may derive hypotheses that are worthy of conducting broad-scale hunts across the entire MDR customer base, or they may target specific customer environments or industry verticals to sniff out compromises new or old.
Threat Hunters pay close attention to the activities observed in Incident Response engagements, identifying TTPs and Indicators of Compromise/Attack (IOCs/IOAs) that may be worth searching for in other customer environments, and glean insights from the Threat Intelligence and Detection Engineering (TIDE) team’s latest and greatest detections to help craft hypotheticals potentially worthy of the hunt. Threat Hunters also have the unique opportunity to work directly with the minds behind Rapid7’s industry-leading open-source DFIR tool, Velociraptor, crafting new hunt packages and contributing directly back to the cybersecurity community.
In this role, you will:
Conduct ongoing hypothesis-based threat hunts utilizing new TTPs and IOCs/IOAs, discovered through proactive research as well as collaboration with other teams within the organization
Serve as a core component of the Rapid7 ETR team to provide expertise and conduct hunts based on classified emerging threats across MDR customers
Conduct targeted hunts during major incidents based on past attacker activity and Incident Manager direction
Help document and improve hunting processes, tools, and capabilities
Develop new Velociraptor hunt packages based on research and findings
Work closely with engineering, endpoint, TIDE, Rapid7 Labs, and Velociraptor teams to prioritize roadmap items that improve threat hunting capabilities
Provide timely reporting and feedback to stakeholders
When applicable, publish threat hunting topics to the Rapid7 blog
The skills you’ll bring include:
2+ years in a DFIR role, primarily focused on endpoint forensics
Broad knowledge of threat actor groups and their TTPs
Experience with SIEM platforms and querying/analyzing large data sets
Ability to work with minimal oversight and prioritize efficiently
Strong analytical and research skills
Ability to think creatively and intuitively
Differentiators:
SANS FOR508 or FOR608 (or similar) and/or associated certifications (GCFA, GEIR, etc.)
Experience conducting targeted threat hunting
LEQL experience
Experience with Velociraptor
AWS Athena familiarity
Experience with the InsightIDR SIEM/XDR platform
Coding, engineering, and/or development experience
Data science and/or AI experience
We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.
-
Threat Hunter
3 months ago
Melbourne, Australia Rapid7 Full time**Threat Hunter** Just as the Global threat landscape continually evolves, so must we. As such, Rapid7 are delighted to announce this brand new role, our first dedicated Threat Hunter. This individual will be key in helping us continue to defend Rapid7 and its customers Globally. You can expect to play a vital role in scoping and building out an entirely...
-
Threat Hunter
7 days ago
Melbourne, Australia Rapid7 Full timeThe Rapid7 Managed Services Threat Hunting team is responsible for performing proactive, hypothesis-driven threat hunts across all Managed Detection and Response (MDR) customers to identify emerging cyber threats and malicious activity on networks and systems. The Threat Hunter will work proactively to uncover malicious activity that may have been missed by...
-
Threat Hunter
1 day ago
Melbourne, Victoria, Australia Rapid7 Full timeAbout the RoleRapid7's Threat Hunters are skilled professionals who enjoy analyzing threats and trends, both novel and tried-and-true, and using their expertise to craft hypotheses that lead them on the hunt for malicious activity.Key ResponsibilitiesConduct ongoing hypothesis-based threat hunts utilizing new Tactics, Techniques, and Procedures (TTPs) and...
-
Cybersecurity Threat Hunter
1 week ago
Melbourne, Victoria, Australia Microsoft Full time{"title": "Cybersecurity Threat Hunter", "content": "OverviewAt Microsoft, we're committed to building the most trusted devices and services in the world. As part of our Microsoft Security organization, we're responsible for ensuring the security of every aspect of our business. We're seeking a skilled Cybersecurity Threat Hunter to join our Global Hunting,...
-
Cybersecurity Specialist
2 weeks ago
East Melbourne, Australia GGB - Global Full timeAbout the RoleGGB - Global is seeking a highly skilled Cybersecurity Specialist to join our team as a Threat Hunter. This is an exciting opportunity for a seasoned professional to contribute to the protection of our organization's critical assets and the prevention of future security breaches.Key ResponsibilitiesIncident Response and Investigation: Lead and...
-
Cybersecurity Specialist
2 weeks ago
East Melbourne, Australia GGB - Global Full timeAbout the RoleGGB - Global is seeking a highly skilled Cybersecurity Specialist to join our team as a Threat Hunter. This is an exciting opportunity for a seasoned professional to contribute to the protection of our organization's critical assets and the prevention of future security breaches.Key ResponsibilitiesIncident Response and Investigation: Lead and...
-
Threat Intelligence Specialist
4 days ago
Melbourne, Victoria, Australia Rapid7 Full timeAbout the RoleRapid7's Threat Hunters are skilled professionals who leverage their expertise in threat actor Tactics, Techniques, and Procedures (TTPs) to uncover malicious activity and develop strategies to mitigate current and future threats.Key ResponsibilitiesConduct hypothesis-based threat hunts utilizing new TTPs and Indicators of Compromise/Attack...
-
Technical Customer Success Manager
3 months ago
Melbourne, Australia eSentire Full timeAbout eSentire Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale. The Team eSentire...
-
Technical Customer Success Manager
2 weeks ago
Melbourne, Victoria, Australia Exact IT Consulting Full timeAbout eSentireeSentire, Inc. is the Authority in Managed Detection and Response, protecting the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats.Founded in 2001, the company's mission is to hunt, investigate and stop cyber threats before they become business-disrupting events....
-
Technical Customer Success Manager
4 weeks ago
Melbourne, Australia eSentire Full timeAbout eSentire Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale. The Team eSentire...
-
Enterprise Account Executive
4 months ago
Melbourne, Australia Pulse Recruitment Full timeThis role represents a fantastic opportunity to sell the World's leading Network Monitoring and Network Security tool used by the vast majority of the Fortune 500, boasting 10 years in the Gartner Magic Quadrant. With threat detection front and centre of ASX listed Companies as well as Government Agencies, this is a compelling solution to be selling with...
-
Cyber Security Specialist
4 months ago
Melbourne, Australia Seisma Full timeGovt Client - Melbourne We are always looking for incredible consultants to join our teams as our workforce expands geographically around Australia and New Zealand. Our clients are across banking and finance, agriculture, entertainment, government & utilities - and growing! We have a new opportunity available, and we hope you can help us. **_Client:_**...