Founded in 2015 as a fully remote company by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access.

Today’s cyber-attacks aren’t limited to large organizations with the security tools that can ward off threats. Hackers don't discriminate and will find a way to penetrate any vulnerability in any size business, which is why Huntress focuses on protecting those small to midsize businesses that make up the backbone of our economy.

Huntress stops hidden threats that sneak past preventive security tools by utilizing our award-winning security platform and expert human threat hunters through dynamic products, including Managed EDR, MDR for Microsoft 365, and Managed Security Awareness Training.

Join the hunt and help us stop hackers in their tracks!

What You’ll Do:

The Huntress Global Hunting & Response team has the unique honor of waking up every morning knowing we will be kicking out threat actors. This team sits alongside our 24x7 Security Operations Center team. It is a skilled team of individuals who review lower confidence signals and manage tactical incident response scenarios to aid customers out of critical intrusions.

Members of this team will get to allocate their time across Hunting efforts and Response efforts. While in Hunting mode, you will get to research new attacker tradecraft, test new theories, and review hunting data at scale for over a million endpoints. While the SOC is responding to alerts within minutes, this team is reviewing more ambiguous signs of attacker activity on a daily & weekly basis.

In the Response side of the role, you will get to flex your incident response and forensics skills. When customers are experiencing the worst incidents of their lives, this team will step in to answer questions core to understanding the cause of an attack, the high-level activities of the attacker once in the environment, and providing remediation actions and recommendations which will help reduce or eliminate this threat occurring again in their environment.

If you love Threat Hunting, Incident Response, and Detection Engineering while in the environment and energy of a SOC, this is the role for you!

Responsibilities:

Perform a cadenced review of hunting data to identify compromises not found during standard SOC workflows
Research, develop, and test new hunting methodologies in the form of new detections or analytics
Lead or support tactical incident response engagements for customers who already utilize Huntress MDR. Forensically timelining systems, performing root cause analysis, and crafting incident reports that summarize the intrusion and next steps
Perform regular rotations in the SOC to stay current and familiar with SOC day-to-day workflows
Perform intermediate malware analysis as part of hunting and response efforts
Contribute to content creation efforts such as blogs, videos, podcasts, and webinars
Speak with customers to explain or summarize findings from investigations

What You Bring To The Team:

3+ years working in one or more of the following: SOC, MDR, or Incident Response firm
Experience leading or participating in Incident Response engagements for external customers
Experience with tools such as osquery, Velociraptor, or leveraging EDRs to perform forensic timelining of systems
Confident command of forensic tools - such as Ericzimmerman’s EZ tools, RegRipper, and Volatility - and forensic artifacts - such as prefetch, jumplists, shellbags, and more
Deep understanding of offensive security tradecraft, particularly persistence, lateral movement, credential theft, and remote access.
Confidently able to track threat actors across an organization and timeline the activity
Strong familiarity with one or more detection languages such as Sigma, Suricata, Snort, or Yara
Strong familiarity with various query languages such as KQL, EQL, ES|QL, Splunk SPL
Intermediate malware analysis skills
Strong understanding of the current threat landscape, initial access brokers, and ransomware actors
Passionate and involved with the community through blogs, social media, conferences, etc.
Experience with scripting (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby)
Demonstrable experience providing written and/or verbal customer-facing deliverables

Preferred Qualifications:

Experience with detection and response in cloud environments such as Microsoft M365/Azure
Comfortable utilizing Git to contribute to internal projects

What We Offer:

100% remote work environment - since our founding in 2015
Generous paid time off policy, including vacation, sick time, and paid holidays
12 weeks paid parental leave
Highly competitive and comprehensive medical, dental, and vision benefits plans
401(k) with 5% contribution regardless of employee contribution
Life and Disability insurance plans
Stock options for all full-time employees
One-time $500 reimbursement to build/upgrade home office
Annual allowance for education and professional development assistance
$75 USD/month digital reimbursement
Access to both Udemy and BetterUp platforms for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit small businesses.

Accommodations:

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or participating in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note that non-accommodation requests to this inbox will not receive a response.

If you have questions about your personal data privacy at Huntress, please visit our privacy page.

#BI-Remote

This job is no longer accepting applications

See open jobs at Huntress.See open jobs similar to "Senior Threat Hunting and Response Analyst" Forgepoint Capital.

See more open positions at Huntress