Threat Hunter

As a member of the dedicated MXDR Threat Hunting Team, your role will be to take part in and carry out regular targeted and scalable threat hunts under the guidance and direction of the Threat Hunt manager and Senior Threat Hunters across our global MXDR client-base. This role focusses around the delivery, support and continual development of our hypothesis led, native threat hunting capability, providing our clients with bleeding edge detections in response to live, real-world threats and Intelligence. You will be a member of a small team of passionate threat hunters who carry out the ad-hoc and scheduled monthly threat hunts and report on them accordingly.

Summary :

• Carry out hypothesis-based threat hunting on a regular basis under the guidance of the SOC Threat Hunt Manager and Seniors, across our global MXDR clients. This includes customers under our XDR for Sentinel & XDR for Splunk Managed Services.
• Carry out monthly TI driven threat hunts and engage in collaborative internal and external reporting under the guidance of the SOC Threat Hunt Manager.
• Respond to NCC Group high-severity TI alerts and CVEs with ad-hoc threat hunts across clients under the guidance of the SOC Threat Hunt Manager.

What we are looking for in you :

• Minimum 3 years of experience within an operational cyber security or TI role.
• Applicable IT technical, engineering, data-science or intelligence related background.
• Developed understanding of Intelligence-driven, hypothesis-led hunting demonstrable at interview.
• Investigative and curious mindset with a drive to seek out and discover the unknown.
• Microsoft SC200 Certified.
• Splunk Certified Power User / Advanced Power User.
• Crest, GIAC or CISSP Certification.
• Degree in related field.
• Other relevant certifications.

Working Hours : The working hours are 0900-1730hrs Mon-Fri, and you would be expected to be working and contactable throughout those times. There is no scheduled out of hours work but may be required in emergency situations only.

Professionalism : Conduct yourself with professionalism, integrity, and ethical behaviour in all interactions and situations.

Proactive : Demonstrate a proactive approach to process improvement and process creation, ensuring conformity to the standards of the MXDR SOC.

Collaboration : Work well within a team environment, communicating effectively with colleagues from different departments and sharing insights to improve security posture.

Adaptability : Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape.

• Focusing on Clients and Customers.
• Working as One NCC.
• Being Inclusive and Respectful.
• Delivery Brilliantly.

Why NCC Group?

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.

Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits;