Cyber Security Threat Hunter Expert

Join to apply for the Cyber Security Threat Hunter Expert role at Huntington National Bank

1 week ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

The Cyber Security Threat Hunter Expert reviews security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies. Analyze available data sources, security tools, and threat trends to identify attacks against the enterprise. Perform incident response, issue resolution, and assessment or communication of security risks to the enterprise. The Cyber Security Operations Analyst Expert will recommend and implement defensive measures in security technologies including WAF, NAC, IPS/IDS, NGFW, Anti-Virus, etc. You will work closely with other teams within Cybersecurity and with IT Operations.

The Cyber Security Threat Hunter Expert reviews security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies. Analyze available data sources, security tools, and threat trends to identify attacks against the enterprise. Perform incident response, issue resolution, and assessment or communication of security risks to the enterprise. The Cyber Security Operations Analyst Expert will recommend and implement defensive measures in security technologies including WAF, NAC, IPS/IDS, NGFW, Anti-Virus, etc. You will work closely with other teams within Cybersecurity and with IT Operations.

• Provide leadership and training opportunities for entry level Incident Response Analysts
• Proactively identify, remediate, and communicate security threats occurring in the Huntington environment
• Participate in the day-to-day security operations monitoring and response from the Cybersecurity Operations Center.
• Perform malware analysis, reverse engineering, and de-obfuscation techniques
• Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cybersecurity product suite, e.g. NGFWs, IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, etc.
• Implement or recommend mitigations including the creation and development of new alerts and rules within the various cyber security tools.
• Be able to analyze and identify malicious activity during the various attack stages.
• Maintain a high level of technical expertise on Cyber Security defense-in-depth technology and best practices by performing ongoing research and engagement to maintain awareness of industry trends, best practices.
• Collaborate with the Cyber Security Engineering and IT Operations teams.
• Participate in the day-to-day security operations monitoring and response from the Cyber Security Operations Center.
• Perform malware analysis, reverse engineering, and de-obfuscation techniques.
• Implement or recommend mitigations including the creation and development of new alerts and rules within the various cyber security tools.
• Performs other duties as assigned.

• Bachelors Degree
• 5+ years of experience in Cybersecurity
• 1+ years data analytics experience
• 5 years Threat Hunting

• Expert understanding of common attack vectors, DDoS attacks, Phishing, web & application attacks, and malware
• Familiarity with memory captures and analysis of them
• Experience and familiarity with tactical triage of binaries for surface and run time analysis for incident response purposes
• Expert knowledge of common critical network protocols and layer 7 technologies such as SMTP, HTTP, HTTP/S, SSL/TLS, DNS, FTP, SSH, and others
• Expert knowledge of a SIEM and various cyber security technologies such as EDR, AV, IDS/IPS, and WAFs
• Expert Knowledge with advanced persistent threats and their tactics, techniques, and procedures
• Expert Knowledge with the incident response Kill Chain
• Fundamental understanding of Windows, Mac OSX, and Linux operating systems
• Fundamental understanding of OSI model, basic networking and troubleshooting concepts
• Experience with programming or scripting, including PowerShell, Bash, Python, Yara, and Perl
• Expert knowledge of incident response frameworks and handling procedures
• Understanding and knowledge of various log formats from a variety of network and computer devices
• Knowledge of Cyber risks and threats related to Cyber attackers
• Knowledge of recent Cyber events and interpreting kill chain process and threat impacts
• Excellent presentation, analytical, and critical-thinking skills

Occasional travel may be required

#Hybrid

Yes

Office

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds: in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Huntington Bank will not pay a fee for any placement resulting from the receipt of an unsolicited resume. All unsolicited resumes sent to any Huntington Bank colleagues, directly or indirectly, will be considered Huntington Bank property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.

• Mid-Senior level

• Full-time

• Information Technology

• Banking, Financial Services, and Investment Banking

Referrals increase your chances of interviewing at Huntington National Bank by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.