Cyber Security Threat Hunter

WTW

5d ago

  • Job type: Full-time, Senior & Expert Level
  • Function: Software Engineering, IT & Cybersecurity
  • Location: Madrid

AI generated summary

  • You need extensive cyber threat hunting experience, mentoring skills, proficiency in log interpretation, knowledge of TTPs and cloud security, along with strong communication and scripting abilities.
  • You will conduct threat hunting, analyze anomalies, report findings, develop detection methods, mentor others, and support incident response through forensics and strategic recommendations.

Requirements

  • A detail-oriented professional with a proactive mindset to stay ahead of emerging threats.
  • A team player who thrives in a collaborative environment and can navigate complex challenges effectively.
  • Someone passionate about making a tangible impact on WTW’s cybersecurity resilience.
  • Extensive experience in cyber threat hunting, security incident response, and digital forensics in fast-paced, global environments.
  • Proven ability to mentor and coach analysts, fostering skill development and career growth.
  • Strong problem-solving and analytical skills, with the ability to influence stakeholders and drive effective decision-making.
  • Expertise in adversarial tactics, techniques, and procedures (TTPs), the MITRE ATT&CK framework, cyber kill chain, and hacking/post-exploitation tools.
  • Proficiency in interpreting and querying diverse log types (e.g., Windows Event, Web server, Firewall logs) and conducting threat hunts within SIEM and EDR tools.
  • Knowledge of forensic methodologies, open-source tooling, and cloud security, including incident response in cloud environments.
  • Experience delivering technical presentations and reports to both technical and non-technical audiences.
  • Familiarity with scripting languages such as Python, PowerShell, and KQL, with a functional understanding of programming concepts.
  • Industry-recognized certifications in Cyber Incident Response, Forensics, or Malware Analysis are a plus.
  • Strong communication, collaboration, and interpersonal skills to effectively convey security and risk concepts across diverse audiences.

Responsibilities

  • Conduct threat-hunting operations to identify and mitigate potential threats before they can impact the organization.
  • Develop and execute hypothesis-driven threat hunting techniques to uncover adversary tactics, techniques, and procedures (TTPs).
  • Deliver detailed threat analysis and reports to executive leadership and stakeholders.
  • Provide actionable recommendations to enhance the organization's security posture.
  • Develop and implement advanced log analysis and search capabilities to identify sophisticated external and insider threats.
  • Investigate anomalies, correlate findings with threat intelligence, and propose mitigation strategies.
  • Perform targeted threat-hunting campaigns using adversary TTPs and insights from system telemetry and security data sources.
  • Support incident investigations by providing detailed analysis and insights derived from threat-hunting operations.
  • Share findings, analysis, and recommendations with cross-functional teams to improve the overall security posture and incident response effectiveness.
  • Contribute to the design and implementation of advanced threat detection methodologies, playbooks, and automation processes to enhance hunting capabilities.
  • Provide thought leadership and mentorship to junior analysts, fostering a continuous learning culture within the team.
  • Analyze security trends and assess their impact on the organization, providing actionable insights to leadership.
  • Serve as an escalation point during critical cybersecurity incidents, providing incident response, digital forensic analysis, and malware assessment to support containment, eradication, and recovery efforts.
  • Conduct host and network forensics, log analysis, and evidence collection for on-premises and cloud systems, ensuring proper chain of custody and documentation.

FAQs

What is the primary role of the Cyber Threat Hunting Principal Analyst?

The primary role is to proactively detect, investigate, and mitigate sophisticated external and insider threats as part of the Global Information and Cyber Security Defence function.

Are there any management responsibilities associated with this position?

Yes, the individual may have line-management responsibilities for analysts within the Cyber Threat Hunting and Forensics Team.

What skills are important for the Cyber Threat Hunting Principal Analyst?

Important skills include strong problem-solving and analytical skills, expertise in adversarial tactics and techniques, proficiency in querying diverse log types, and effective communication skills.

What qualifications are required for this role?

Candidates should have extensive experience in cyber threat hunting, digital forensics, and security incident response, along with knowledge of forensic methodologies and scripting languages; industry-recognized certifications are a plus.

Where is the job location?

The job could be based in Spain, Portugal, or Poland.

What is the process for applying for this job?

The application process includes an online application, recruiter review, phone or video interviews with the recruiter and hiring manager, followed by an offer and onboarding.

Will there be opportunities for travel?

Yes, occasional global travel may be required for this role.

Are there opportunities for professional development in this position?

Yes, the role includes responsibilities for mentoring junior analysts and fostering a continuous learning culture within the team.

Does WTW provide any accommodations during the application process?

Yes, WTW is committed to equal employment opportunity and provides application, interview, and workplace adjustments to all applicants.

What tools and technologies will I be expected to use in this role?

Proficiency in SIEM and EDR tools, as well as familiarity with scripting languages such as Python and PowerShell, will be necessary for effective threat hunting and analysis.

We transform tomorrows

Industry: Finance
Employees: 10,001+
Founded: 2016

Mission & Purpose

At WTW (NASDAQ: WTW), we provide data-driven, insight-led solutions in the areas of people, risk and capital. Leveraging the global view and local expertise of our colleagues serving 140 countries and markets, we help you sharpen your strategy, enhance organizational resilience, motivate your workforce and maximize performance.