Threat Hunter
3 months ago
The Rapid7 Managed Services Threat Hunting team is responsible for performing proactive, hypothesis-driven threat hunts across all Managed Detection and Response (MDR) customers to identify emerging cyber threats and malicious activity on networks and systems.
The Threat Hunter will work proactively to uncover malicious activity that may have been missed by traditional security measures, and will develop strategies to mitigate current and future threats. This role leverages internal and open source tools to accomplish threat hunting at scale. The Threat Hunting team is also responsible for coordinating closely with Rapid7’s Emergent Threat Response (ETR) program and working closely with related cross-functional teams.
About the Team
Rapid7’s Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale.
Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence.
About the Role
Rapid7’s Threat Hunters are tenacious individuals who enjoy analyzing threats and trends, both novel and tried-and-true, and using their heads to craft hypotheses that lead them on the hunt for the proverbial needle-in-a-haystack.
The day-to-day of a Threat Hunter may include conducting research on threat actor Tactics, Techniques, and Procedures (TTPs), determining what types of activities may be worthy of hunting for, and formulating the best method by which to dig through customers’ data in order to identify evidence of said TTPs; or, in the case of the swell-up of events qualifying for Rapid7’s Emergent Threat Response, assisting teams across Rapid7 in identifying ways to search for and notify customers of the next big evil thing that could be sitting right on their doorstep, waiting to pounce. Hunters may derive hypotheses that are worthy of conducting broad-scale hunts across the entire MDR customer base, or they may target specific customer environments or industry verticals to sniff out compromises new or old.
Threat Hunters pay close attention to the activities observed in Incident Response engagements, identifying TTPs and Indicators of Compromise/Attack (IOCs/IOAs) that may be worth searching for in other customer environments, and glean insights from the Threat Intelligence and Detection Engineering (TIDE) team’s latest and greatest detections to help craft hypotheticals potentially worthy of the hunt. Threat Hunters also have the unique opportunity to work directly with the minds behind Rapid7’s industry-leading open-source DFIR tool, Velociraptor, crafting new hunt packages and contributing directly back to the cybersecurity community.
In this role, you will:
Conduct ongoing hypothesis-based threat hunts utilizing new TTPs and IOCs/IOAs, discovered through proactive research as well as collaboration with other teams within the organization
Serve as a core component of the Rapid7 ETR team to provide expertise and conduct hunts based on classified emerging threats across MDR customers
Conduct targeted hunts during major incidents based on past attacker activity and Incident Manager direction
Help document and improve hunting processes, tools, and capabilities
Develop new Velociraptor hunt packages based on research and findings
Work closely with engineering, endpoint, TIDE, Rapid7 Labs, and Velociraptor teams to prioritize roadmap items that improve threat hunting capabilities
Provide timely reporting and feedback to stakeholders
When applicable, publish threat hunting topics to the Rapid7 blog
The skills you’ll bring include:
2+ years in a DFIR role, primarily focused on endpoint forensics
Broad knowledge of threat actor groups and their TTPs
Experience with SIEM platforms and querying/analyzing large data sets
Ability to work with minimal oversight and prioritize efficiently
Strong analytical and research skills
Ability to think creatively and intuitively
Differentiators:
SANS FOR508 or FOR608 (or similar) and/or associated certifications (GCFA, GEIR, etc.)
Experience conducting targeted threat hunting
LEQL experience
Experience with Velociraptor
AWS Athena familiarity
Experience with the InsightIDR SIEM/XDR platform
Coding, engineering, and/or development experience
Data science and/or AI experience
We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.
-
Threat Hunter
3 months ago
Melbourne, Australia Rapid7 Full timeThe Rapid7 Managed Services Threat Hunting team is responsible for performing proactive, hypothesis-driven threat hunts across all Managed Detection and Response (MDR) customers to identify emerging cyber threats and malicious activity on networks and systems. The Threat Hunter will work proactively to uncover malicious activity that may have been missed by...
-
Cybersecurity Threat Hunter
1 month ago
Melbourne, Victoria, Australia Amazon Full timeJob OverviewWe are seeking a highly skilled Cybersecurity Threat Hunter to join our team at Amazon in Sydney. This is an exciting opportunity for a seasoned Security Engineer to work within the Security Incident Response Team (SIRT) and respond to security events, conduct analysis of threats, and provide security services to safeguard sensitive data.
-
IT Security Analyst
4 weeks ago
Melbourne, Victoria, Australia Ntt Full timeAbout the RoleWe are seeking an experienced IT Security Analyst to join our team as a Threat Hunter. This role involves monitoring security tools, analyzing and interpreting security logs, and reporting on security incidents to clients.The ideal candidate will have advanced knowledge of SIEM systems, security architecture, and modern computer systems. They...
-
Threat Hunter and Response Specialist
4 weeks ago
Melbourne, Victoria, Australia Rapid7 Full timeRapid7's Detection & Response Services team offers the opportunity to work with clients to improve their incident response programs, develop methods for identifying and analyzing breaches, and respond to active incidents. Our Incident Responders pride themselves on their ability to think critically, adapt to constantly changing attack methodologies, and...
-
Cyber Security Threat Hunter
4 weeks ago
Melbourne, Victoria, Australia Verifone Full timeVerifoneA career as a Cyber Security Threat Hunter at Verifone offers the opportunity to work with a leading electronic payment solutions provider.About the Role:We are seeking an experienced Cyber Security Threat Hunter to join our team. The successful candidate will be responsible for designing, implementing and maintaining security measures to protect our...
-
Cyber Threat Investigator
4 weeks ago
Melbourne, Victoria, Australia Rapid7 Full timeAbout the RoleRapid7's Threat Hunters are expert investigators who enjoy analyzing threats and trends, both novel and tried-and-true, and using their expertise to craft hypotheses that lead them on the hunt for malicious activity. The day-to-day of a Threat Hunter may include conducting research on threat actor Tactics, Techniques, and Procedures (TTPs),...
-
Cybersecurity Threat Hunter
4 weeks ago
Melbourne, Victoria, Australia TESSERENT Full timeJob Description:Tesserent is seeking an experienced and highly motivated SOC Security Analyst to join our Security Operations Centre (SOC) team. The successful candidate will be responsible for actively monitoring, investigating, and responding to security threats.In this role, you will move into a generalist security analyst position within our Security...
-
Cybersecurity Threat Hunter
4 weeks ago
Melbourne, Victoria, Australia Rapid7 Full timeAbout the RoleRapid7 is seeking a skilled Incident Responder to join our Detection & Response Services team. As an Incident Responder, you will split your time between reactive breach response cases and proactive customer engagements, delivering threat hunting and detection & response exercises with our customers' dedicated internal security teams.
-
Cyber Threat Analyst
4 weeks ago
Melbourne, Victoria, Australia Rapid7 Full timeAt Rapid7, we are passionate about protecting our customers from cyber threats. As a Cyber Threat Analyst - Endpoint Forensics Specialist, you will play a crucial role in uncovering and mitigating emerging threats.About the RoleThis is an exciting opportunity to join our team of threat hunters who use their expertise to analyze threats, trends, and tactics...
-
Melbourne, Victoria, Australia Trustwave Full timeAbout TrustwaveTrustwave is a leading cybersecurity services provider, focused on threat detection and response. Our team of cyber consultants, threat hunters, and researchers serve clients in 96 countries, uncovering threats that others can't and responding quicker than others can to protect against the devastating impacts of cyberattacks.Benefits$55,000...
-
Senior SOC Specialist
4 weeks ago
Melbourne, Australia The Decipher Bureau Full timeCalling the Threat Hunters, Incident Responders and Detection Specialists…. If you’re passionate about both hunting and responding with experience in both (Or very strong experience in one) we would love to chat to you. This is a chance to work in an advanced SOC environment with a highly skilled team offering continuous training, new technologies and...
-
Technical Customer Success Manager
6 months ago
Melbourne, Australia eSentire Full timeAbout eSentire Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale. The Team eSentire...
-
Technical Customer Success Manager
4 months ago
Melbourne, Australia eSentire Full timeAbout eSentire Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale. The Team eSentire...
-
Enterprise Account Executive
7 months ago
Melbourne, Australia Pulse Recruitment Full timeThis role represents a fantastic opportunity to sell the World's leading Network Monitoring and Network Security tool used by the vast majority of the Fortune 500, boasting 10 years in the Gartner Magic Quadrant. With threat detection front and centre of ASX listed Companies as well as Government Agencies, this is a compelling solution to be selling with...
-
Cybersecurity Solutions Expert
3 weeks ago
Melbourne, Victoria, Australia Trustwave Full timeAbout TrustwaveTrustwave is a leading cybersecurity provider focused on threat detection and response. We uncover threats that others can't and respond quicker than others can to protect against cyberattacks. Our team of expert consultants, threat hunters, and researchers serves clients in 96 countries. At Trustwave, you'll learn alongside the best, make a...