Senior Threat Hunter & Incident Responder

WebstaurantStore

Lititz (Lancaster County)

On-site

USD 80,000 - 110,000

Full time

30+ days ago

Job summary

An established industry player is seeking a Senior Threat Hunter & Incident Responder to strengthen its cybersecurity posture. In this role you will lead proactive threat identification and incident response, protecting the integrity of the organization's systems and applications. You will use SIEM, EDR, and IDS/IPS tooling to monitor for threats, analyze security data, and refine response playbooks, with the opportunity to shape the organization's detection and response strategy in a collaborative environment that values continuous improvement.

Benefits

Medical, Vision, Dental
PTO, Paid Maternity & Parental Leave
Life Insurance, Disability
Dependent Care FSA, 401(k) matching
Employee Assistance Program
Wellness Incentives
Company Discounts
On-Site Fitness Centers
Dog-friendly Offices

Qualifications

  • 5+ years in SOC, Security Analyst, or Security Engineer roles.
  • Strong knowledge of MITRE ATT&CK and NIST Cybersecurity Framework.

Responsibilities

  • Monitor SIEM, IDS/IPS, and EDR tools for security incidents.
  • Conduct threat-hunting activities to identify potential threats.
  • Create detailed incident reports and documentation.

Skills

Threat Hunting
Incident Response
SIEM
EDR
Threat Intelligence
Data Analysis
Root Cause Analysis
Communication Skills

Education

Bachelor’s degree in Information Security

Tools

SIEM Tools
EDR Solutions
IDS/IPS

Job description

Job Summary

WebstaurantStore, a Clark Associates company, is the largest online distributor of restaurant supplies and equipment, with a catalogue of over 430,000 products delivered through fast, dependable shipping. Our CAST (Clark Associates Security Team) is committed to maintaining the highest standards of security and integrity in all our applications and systems.

We are seeking an experienced senior security professional to fill our opening for a Senior Threat Hunter & Incident Responder. In this role, you will assist with building out our threat hunting program as we seek to proactively identify cyber threats that may evade our traditional automated detection methods. Additionally, you will assist in maturing the organization’s incident response capabilities through playbook creation & refinement. As necessary, this role will also facilitate incident response efforts from detection through recovery. Individuals interested in playing an active role in shaping the organization’s threat detection & response activities are encouraged to apply.

Responsibilities
  1. Real-Time Monitoring: Actively monitor SIEM, IDS/IPS, and EDR tools to detect potential security incidents.
  2. Proactive Threat Identification: Conduct threat-hunting activities to identify threats that may have bypassed existing security controls, using a combination of manual analysis and automated tools.
  3. Data Analysis: Analyze large datasets from SIEM, EDR, network traffic, and other sources to identify patterns indicative of malicious activity or make recommendations for tool improvement.
  4. Threat Intelligence Integration: Leverage threat intelligence feeds to inform hunting activities and stay up-to-date on the latest adversarial tactics, techniques, and procedures (TTPs).
  5. Incident Analysis: Analyze malicious code, network traffic, and system logs to identify the root cause of incidents, potential vulnerabilities, and Indicators of Compromise (IoCs).
  6. Documentation: Create detailed incident reports, including root cause analysis, mitigation actions, and lessons learned, ensuring thorough documentation for future reference.
  7. Continuous Improvement: Stay informed about emerging threats, frameworks, and best practices to advocate for proactive strategies and controls. Regularly evaluate the organization’s threat landscape & incident response protocols to recommend improvements or additions to defense preparations.
Physical Requirements
  • Work is performed while sitting/standing and interfacing with a personal computer.
  • Requires the ability to communicate effectively using speech, vision, and hearing.
  • Requires the regular use of hands for simple grasping and fine manipulations.
  • Requires occasional bending, squatting, crawling, climbing, and reaching.
  • Requires the ability to occasionally lift, carry, push, or pull medium weights, up to 50 lbs.
Remote Work Qualifications
  • Access to a reliable and secure high-speed internet connection. Cable or fiber connections (at least 75 Mbps download / 10 Mbps upload) are preferred; satellite connections often cannot support the technologies used to perform day-to-day tasks.
  • Access to a home router and modem.
  • A dedicated home office space that is noise- and distraction-free. The space should have strong wireless connection or a wired Ethernet connection (wired connection is preferred, if possible).
  • A valid, physical address (apartment, suite, etc.). PO Boxes are not supported, as a physical address is required for you to receive your computer equipment.
  • The desire and ability to work and communicate with other team members via chat, webcam, etc.
  • Legal residents of one of the specified states. H-1B Visa Sponsorship Not Available, W2 only.
Experience
  • Minimum 5 years of experience in SOC, Security Analyst, or Security Engineer roles.
  • Strong knowledge of MITRE ATT&CK, threat intelligence feeds, and industry best practices (e.g., NIST Cybersecurity Framework, ISO/IEC 27001).
  • Hands-on experience operating SIEM, EDR, and IDS/IPS solutions.
  • Excellent communication, organizational, and time management skills.
  • Relevant certifications preferred: GIAC Threat Intelligence Analyst (GTHA), GIAC Certified Intrusion Analyst (GCIA), CISSP, or related credentials.
Education
  • Bachelor’s degree in Information Security, Information Technology, Computer Science, or related field (or equivalent experience).
Desired Traits
  • Effective Communication: Able to present threat & incident status to leadership, translating technical threats into business risks.
  • Technical Expertise: Skilled in root cause analysis, vulnerability assessment, and preventative controls.
  • Industry Knowledge: Deep understanding of cybersecurity frameworks and threat landscapes.
  • Time and Priority Management: Capable of leading multiple threat hunting and incident response operations.
  • Leadership: Plays a strategic role in developing threat-hunting and incident response programs.
Company Overview

The foodservice professional’s premier source for restaurant equipment, supplies, and knowledge online. Our purpose is to empower and equip people to run their businesses more profitably and efficiently.

Benefits
  • Medical, Vision, Dental
  • PTO, Paid Maternity & Parental Leave
  • Life Insurance, Disability
  • Dependent Care FSA, 401(k) matching
  • Employee Assistance Program, Wellness Incentives
  • Company Discounts, AT&T & Verizon Discount
  • Bonus Opportunities

Available at HQ Locations Only

  • On-Site Fitness Centers
  • Dog-friendly Offices
Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • General Business, Management, and Business Development
Industries
  • Wholesale
