
Junior Threat Hunting and Intelligence Engineer



Role Description

Rite Aid is seeking a Junior Threat Hunting and Intelligence Engineer to join our Threat Intelligence and Hunting team. You will actively hunt threats and generate effective telemetry to identify the latest tactics, techniques, and procedures (TTPs) of APTs.

In this role, you will create telemetry within our SIEM and multiple network monitoring tools to identify Indicators of Compromise (IoCs). We seek a self-directed candidate who can readily learn new scripting languages and broaden their expertise in the latest red teaming techniques. You will collaborate across teams to drive solutions and new analytic techniques. We seek candidates who understand current cybercrime and fraud actor TTPs and who are adept at asking probing questions during analyses. You will have a solid understanding of API, network, and host-based indicators and how to best leverage them. A thorough knowledge of operating system internals for both Windows and Linux will be an asset.

Responsibilities

Perform proactive threat hunting by leveraging advanced threat hunting methodologies to actively seek out malicious activity across Rite Aid environments.

Conduct red teaming exercises to validate defenses, telemetry, and identify vulnerabilities, refining collection methods to detect malicious activity.

Design and implement improvements to ensure comprehensive visibility into all corners of the network. 

Analyze suspicious network activity, malware samples and incident artifacts to uncover compromise.

Analyze large structured and unstructured data sets to identify indicators of malicious activities.

Analyze network traffic using enterprise tools (e.g., full PCAP, firewall logs, proxy logs, IDS logs).

Leverage and optimize our SIEM platform to collect, analyze, and correlate security logs, identifying anomalies and potential security incidents.

Develop and implement effective detection rules and incident response playbooks informed by threat hunting and red teaming insights.

Pursue actionable intelligence and profile and track adversaries targeting Rite Aid, translating their tactics into actionable data points to detect indicators of compromise.

Improve and create automation using Zeek and similar scripting languages to increase team efficiency and free up your time for deeper analysis.

Stay up to date with the latest threats and remain familiar with APTs and common TTPs.


Requirements

B.S. in Computer Science with a specialty in Cyber Security. Specific courses in red teaming, penetration testing, and forensics are a plus.

Strong understanding of network protocols, traffic analysis techniques, and network forensics tools

Thorough understanding of Windows OS and Linux internals 

Proficient coding skills, specifically in Python, PowerShell, and Bash

Zeek scripting experience is a plus

Strong interest in tracking threat actor behaviors, including investigating and analyzing TTPs (Tactics, Techniques and Procedures) and attribution research

In-depth knowledge of common offensive techniques and associated tools and architecture

Keen understanding of the cyber kill chain

Knowledge of malware, network flow and big data analysis

Expertise with security vulnerabilities, exploitation techniques, and methods for remediation

Hands-on experience in log analysis, threat detection, and response coordination

Proficient in network traffic analysis and security log correlation.

Passion for staying abreast of the latest cyber threats and attack trends.