
Security Analyst - Threat Hunter

Ransomware Recovery

Toronto

On-site

CAD 85,000 - 110,000

Full time

19 days ago

Job summary

A cybersecurity firm located in Toronto, Ontario is seeking an experienced Security Analyst - Threat Hunter. The successful candidate will be responsible for creating detection solutions and reverse engineering malware to improve defenses. The role requires at least 5 years in cyber security operations, proficiency in Python, and familiarity with the MITRE ATT&CK framework. Join a team that values research and innovation in a dynamic environment.

Qualifications

  • 5+ years of Cyber Security operations experience preferably in both defensive and offensive roles.
  • Strong knowledge of Python programming language.
  • Familiarity with MITRE ATT&CK framework TTPs.

Responsibilities

  • Create detection engineering solutions for threat identification and mitigation.
  • Analyze and reverse engineer malware samples for threat detection.
  • Collaborate with multiple teams to improve cybersecurity strategies.

Skills

Cyber Security operations experience
Knowledge of Python
Familiarity with the cyber security Kill Chain
Understanding of offensive security tools
Solid grasp of cyber security products

Tools

Malware analysis tools
Cloud providers (AWS, GCP, Azure)
Security vendor solutions

Job description

Overview

CYPFER is a true first-responder Cybersecurity organization enabling clients to return to business rapidly, the right way, following a cyber-attack. We are a global market leader in ransomware post-breach remediation and cyber-attack first response. We deliver results that far surpass market statistics for cyber-extortion and ransomware events. Our team of cybersecurity professionals works with prominent global insurance carriers, leading law firms, and Fortune 1000 businesses.

Do you enjoy cyber security research and innovation, proactive thinking and problem solving, in a challenging and adaptive environment while consistently thinking outside of the box? If so, this opportunity is right for you!

We’re looking for an experienced Security Analyst - Threat Hunter to fill a technical role on the team, who is constantly thinking outside the box, ready to dive deep into the smallest details, is passionate about cybersecurity and has a natural detective sense. The right candidate has experience in both offensive and defensive operations and enjoys innovation and security research.

What will you do?
  • Create detection engineering solutions to proactively identify and mitigate sophisticated threat actors (APTs/UNCs) and insider threats
  • Analyze, research and reverse engineer Tactics Techniques and Procedures (TTPs) and malware samples to create detections based on industry leading frameworks such as MITRE ATT&CK
  • Develop, plan, lead and participate in Purple Team Exercises focused on discovering and mitigating emerging threats
  • Innovate and create novel solutions including User Behavior Analytics (UBA) models by leveraging Data Science and Machine Learning (ML), bringing cybersecurity and data science closer
  • Collaborate and foster relationships with multiple teams including Adversary Emulation (Red Team), Data Science, Threat Intelligence, Security Operation Centre (SOC) and Digital Forensics and Incident Response (DFIR) to drive pragmatic cyber security improvement
  • Work closely with our dedicated Development team to create and enhance our threat hunting in-house developed products
  • Develop, implement, and refine our defensive tradecraft and tooling
  • Provide bespoke advisory and consultation services to senior executive management and perform as a cyber security SME for emerging threats and investigations
  • Work and utilize vast data sources, data lakes and security vendor solutions
  • In conjunction with other members of the Global Security group, ensure the ongoing enhancement of the threat hunting methodologies and overall strategy to detect and alert on cyber threats
What do you need to succeed?
Must-have
  • 5+ years of Cyber Security operations experience preferably comprised of both defensive and offensive roles
  • Familiarity with the cyber security Kill Chain phases and MITRE ATT&CK framework TTPs
  • Knowledge of offensive security tools, techniques, procedures and security domains focusing on operational security
  • Solid grasp of cyber security controls/products across endpoint, network, application, and infrastructure
  • Knowledge of current regional and global threat landscape
  • Strong knowledge of Python
Nice-to-have
  • Hands-on experience in malware analysis, reverse engineering, and security research
  • Prior experience conducting blue/purple team exercises or penetration testing
  • Digital Forensics skills including memory/network/OS/disk forensics
  • Defensive oriented certification such as GIAC GREM, GCFA or other reputable, technical, and defensive/offensive focused certification
  • Cloud knowledge and expertise of leading cloud providers (AWS, GCP, Azure)
  • Programming languages such as C++/C#/JavaScript/Assembly
  • Hands-on experience working with LLM and RAG technologies

CYPFER is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply.

We thank you for your interest in joining the CYPFER team! While we welcome all applicants, only those who are selected for an interview will be contacted.
