Job Posting for Senior Threat Hunting Analyst at CLEAR - Corporate
Founded in 2010, CLEAR’s mission is to create frictionless experiences. With more than 12 million members and hundreds of partners across the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, and more seamless. Since day one, CLEAR has been committed to privacy done right.
We are looking for a Senior Threat Hunting Analyst to join our team. The ideal candidate has a strong drive to solve security challenges and the desire to implement best-in-class security measures using cutting edge technology. The right person for this role has a proven track record of delivering high-quality security solutions in a scaling environment.
What You Will Do:
Implement new detection capabilities and improve upon existing security tools and playbooks
Review audit logs to identify anomalous or unauthorized behavior
Create and disseminate summary reports, investigation reports, and threat briefs
Recommend remediation activities that close the initial access vector of an intrusion
Collaborate with threat intelligence teams to mitigate risk from known and emerging threats
Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
Develop and execute custom scripts to identify host-based indicators of compromise, and determine the scope of an intrusion by identifying its initial point of access or source
Provide executive level cyber security strategic recommendations along with security engineering recommendations and custom solutions to counter adversarial activity
Develop analytics that correlate IOCs and maximize threat detection capability, based on defense analysis processes. Conduct analysis of network traffic and host activity across a wide array of technologies and platforms
Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts. Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management
Develop detection techniques and countermeasures in response to threat actor tactics, techniques, and procedures (TTPs)
Analyze network traffic, IDS/IPS events, packet capture, FW logs, malicious campaigns and evaluate the effectiveness of security technologies
Provide expert analytic investigative support of large scale and complex security incidents
Support the incident response team with advanced analysis on request, including independent analysis of security events and recommendations for containment and remediation
Perform root cause analysis of security incidents to enhance the alert catalog. Review alerts generated by detection infrastructure for false positives and tune alerts as needed
Provide forensic analysis of network packet captures, DNS, proxy, VPC flow, malware, host-based security and application logs, as well as logs from various types of security sensors
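As an added illustration of the IOC-correlation, log-analysis and false-positive-tuning duties listed above (this is example code written for this page, not CLEAR's tooling), the script below matches a small, constructed set of indicators against constructed AWS VPC flow log lines (default v2 field order) and DNS resolver log lines. It suppresses hits on an allowlist so that a stale indicator in a feed does not page anyone, and it raises confidence when the same host resolved an indicator domain shortly before the flow. All IPs, domains, account IDs and timestamps are made up.

```python
"""Correlate atomic IOCs against VPC flow and DNS logs.

Added example for this page, not CLEAR's code. Every log line and
indicator below is constructed; the VPC flow lines follow the default
AWS v2 field order (version account-id interface-id srcaddr dstaddr
srcport dstport protocol packets bytes start end action log-status).
"""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed indicators (hypothetical, not real threat intel).
# 198.51.100.5 stands in for a stale feed entry that is actually a partner host.
IOC_IPS = {"203.0.113.77", "198.51.100.5"}
IOC_DOMAINS = {"update-check.example-c2.net"}
# Known-benign destinations: matches against these are suppressed (false-positive tuning).
ALLOWLIST = [ip_network("10.0.0.0/8"), ip_network("198.51.100.0/24")]

VPC_FLOW_LOGS = """\
2 123456789012 eni-0a1b2c3d 10.0.1.23 203.0.113.77 51234 443 6 12 9640 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.23 198.51.100.5 51235 443 6 5 1200 1700000001 1700000061 ACCEPT OK
2 123456789012 eni-0b2c3d4e 10.0.2.40 203.0.113.77 40000 443 6 3 480 1700000100 1700000160 REJECT OK
2 123456789012 eni-0c3d4e5f 10.0.3.9 93.184.216.34 40001 80 6 2 300 1700000200 1700000260 ACCEPT OK
"""

# Constructed resolver log: epoch client_ip qname rtype answer
DNS_LOGS = """\
1699999990 10.0.1.23 update-check.example-c2.net A 203.0.113.77
1700000150 10.0.3.9 www.example.com A 93.184.216.34
"""


@dataclass
class Flow:
    src: str
    dst: str
    dst_port: int
    action: str
    start: int


@dataclass
class Finding:
    host: str
    indicator: str
    action: str
    resolved_domain: Optional[str]
    confidence: str


def parse_vpc_flows(text: str) -> list:
    """Parse v2 VPC flow records; malformed or non-v2 lines are skipped."""
    flows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 14 or f[0] != "2":
            continue
        flows.append(Flow(src=f[3], dst=f[4], dst_port=int(f[6]),
                          action=f[12], start=int(f[10])))
    return flows


def parse_dns(text: str) -> dict:
    """Return {client_ip: [(epoch, qname, answer), ...]} for correlation by host."""
    by_client = defaultdict(list)
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5:
            continue
        ts, client, qname, _rtype, answer = f
        by_client[client].append((int(ts), qname.rstrip(".").lower(), answer))
    return by_client


def is_allowlisted(ip: str) -> bool:
    addr = ip_address(ip)
    return any(addr in net for net in ALLOWLIST)


def correlate(flows: list, dns: dict, window: int = 300) -> list:
    """Flag flows to IOC IPs, skipping allowlisted destinations.

    Confidence is 'high' when the source host also resolved an IOC domain
    within `window` seconds before the flow and the flow was ACCEPTed,
    'medium' when only one of those holds, 'low' for a REJECTed attempt alone.
    """
    findings = []
    for fl in flows:
        if fl.dst not in IOC_IPS or is_allowlisted(fl.dst):
            continue
        domain = None
        for ts, qname, _answer in dns.get(fl.src, []):
            if qname in IOC_DOMAINS and 0 <= fl.start - ts <= window:
                domain = qname
                break
        if domain and fl.action == "ACCEPT":
            conf = "high"
        elif domain or fl.action == "ACCEPT":
            conf = "medium"
        else:
            conf = "low"
        findings.append(Finding(fl.src, fl.dst, fl.action, domain, conf))
    return findings


if __name__ == "__main__":
    for fnd in correlate(parse_vpc_flows(VPC_FLOW_LOGS), parse_dns(DNS_LOGS)):
        print(fnd)
```

Run as-is, it reports 10.0.1.23 as a high-confidence hit (ACCEPTed flow to an indicator IP ten seconds after resolving the indicator domain) and 10.0.2.40 as a low-confidence REJECTed attempt; the flow to 198.51.100.5 is suppressed by the allowlist even though the IP is in the indicator set. In a real deployment the indicator sets would come from a feed and the windowed DNS join would be expressed as a SIEM query rather than an in-memory loop, but the logic is the same.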
Who You Are:
Bachelor’s degree in Computer Science, Information Systems Management, Engineering or a related field; equivalent experience considered
6 to 10 years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage and identification
Highly desired: Certifications such as OSCP or other recognized pentesting or threat hunting certs
Knowledge and experience with digital forensic processes, chain of custody, and evidence preservation to include disk, file, memory, and network capture, imaging and analysis
Experience with packet analysis and usage of deep packet inspection toolsets
Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix
Working knowledge of Advanced Persistent Threats and cyber crime TTPs
Strong working knowledge of EDR and SOAR solutions
Strong experience with Splunk and Splunk Enterprise Security, and the ability to apply analytical techniques to large data sets
Strong experience with Azure and AWS cloud infrastructure/security
Strong use of scripting languages for automation, such as Python, PowerShell and Bash
Experience with Security Operations
A working understanding of mobile and container security