Junior Threat Hunting and Intelligence Engineer
Role Description
Rite Aid is seeking a Junior Threat Hunting and Intelligence Engineer to join our Threat Intelligence and Hunting team. You will actively hunt threats and generate effective telemetry to identify the latest tactics, techniques, and procedures (TTPs) of APTs.
In this role, you will create telemetry within our SIEM and multiple network monitoring tools to identify Indicators of Compromise (IoCs). We seek a self-directed candidate who can readily learn new scripting languages and broaden their expertise in the latest red teaming techniques. You will collaborate across teams to drive solutions and new analytic techniques. We seek candidates who understand current cybercrime and fraud actor TTPs and are adept at asking probing questions during analyses. You will have a solid understanding of API, network, and host-based indicators and how best to leverage them. A thorough knowledge of operating system internals for both Windows and Linux will be an asset.
Responsibilities
Perform proactive threat hunting by leveraging advanced threat hunting methodologies to actively seek out malicious activity across Rite Aid environments.
Conduct red teaming exercises to validate defenses and telemetry and to identify vulnerabilities, refining collection methods to detect malicious activity.
Design and implement improvements to ensure comprehensive visibility into all corners of the network.
Analyze suspicious network activity, malware samples and incident artifacts to uncover compromise.
Analyze large structured and unstructured data sets to identify indicators of malicious activities.
Analyze network traffic using enterprise tools (e.g. full PCAP, firewall, proxy logs, IDS logs, etc.).
Leverage and optimize our SIEM platform to collect, analyze, and correlate security logs, identifying anomalies and potential security incidents.
Develop and implement effective detection rules and incident response playbooks informed by threat hunting and red teaming insights.
Pursue actionable intelligence; profile and track adversaries targeting Rite Aid, translating their tactics into actionable data points for detecting indicators of compromise.
Improve and create automation using Zeek and similar scripting languages to increase team efficiency and free up your time for deeper analysis.
Stay up to date with the latest threats and remain familiar with APT groups and common TTPs.
Requirements
B.S. in Computer Science with a specialty in Cyber Security. Specific courses in red teaming, penetration testing, and forensics are a plus.
Strong understanding of network protocols, traffic analysis techniques, and network forensics tools
Thorough understanding of Windows OS and Linux internals
Proficient coding skills, specifically in Python, PowerShell, and Bash
Zeek scripting experience a plus
Strong interest in tracking threat actor behaviors, including investigating and analyzing TTPs (Tactics, Techniques, and Procedures) and conducting attribution research
In-depth knowledge of common offensive techniques and associated tools and architecture
Keen understanding of the cyber kill chain
Knowledge of malware, network flow and big data analysis
Expertise with security vulnerabilities, exploitation techniques, and methods for remediation
Hands-on experience in log analysis, threat detection, and response coordination
Proficient in network traffic analysis and security log correlation.
Passion for staying abreast of the latest cyber threats and attack trends.