Threat Hunting Researcher

Summary

Join Palo Alto Networks' Unit 42 Managed Services group as a Threat Hunt Analyst. You will proactively search for malicious activity within organizations' networks using advanced tools and methodologies. This role requires a deep understanding of cybersecurity, incident response, and threat intelligence, along with strong technical skills. You will collaborate with various teams, communicate findings effectively, and provide technical support to customers. Continuous learning and development are encouraged. The position offers a competitive salary and benefits package.

Requirements

• At least 4 years in SOC, IR, Hunting or MDR teams, skilled in EDR, SIEM, SOAR, and firewalls – Must understand attack trends and excel in threat detection
• Proficiency in EDR, SIEM, SOAR, and firewalls is essential
• Excellent communication skills, able to clarify technical concepts and collaborate effectively, with a strong customer-first orientation
• Thrive in both independent and team environments, display strong organizational skills, focus, and leadership or significant contribution capabilities
• Proactive individuals with a "Play-to-Win" attitude, dedicated to advancing in cybersecurity, solving problems creatively, and achieving exceptional outcomes

Responsibilities

• Proactively search for signs of malicious activity within an organization's network
• Identify anomalies and potential threats that may go undetected by traditional security solutions
• Actively engage in research and experimentation to develop new hunting techniques and stay ahead of evolving threats
• Work closely with other teams, such as Incident Response, Threat Intelligence, Customers, and cybersecurity leadership, to share findings and coordinate response efforts
• Monitor Customer Communications – Actively monitor channels like emails, ticket systems, and Zoom to quickly identify and prioritize cybersecurity inquiries, ensuring prompt and attentive customer service
• Incident Investigation – Provide initial support in incident investigations, working with customers to understand incidents fully and gather necessary data, while escalating complex cases as needed
• Threat Inquiry Response – Stay informed about the latest cybersecurity developments and use this knowledge to address customer questions about emerging threats, offering clear guidance and mitigation strategies
• Technical Query Support – Utilize XQL expertise to assist customers with complex queries for data analysis and incident investigations using Palo Alto Networks XDR, helping them gain valuable insights
• Educational Support – Clearly explain the technical aspects of threats and Palo Alto Networks' XDR product to customers, advising on best practices for threat detection, analysis, and response
• Collaborate Internally – Work closely with internal teams like MDR, threat intelligence, and research to provide holistic support to customers and improve Palo Alto Networks' offerings based on customer feedback
• Documentation and Reporting – Maintain detailed records of customer interactions and contribute to creating incident reports and knowledge base articles to support both customers and internal teams
• Ongoing Learning – Engage in continuous learning and training to enhance your cybersecurity and threat hunting skills, keeping abreast of new threats, technologies, and best practices to better support customers

Preferred Qualifications

A strong background in SQL or similar is preferred

Benefits

• Starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $107000 - $174000/YR
• The offered compensation may also include restricted stock units and a bonus