analyst, cyber threat hunting.

job summary:
Work Location: ONSITE - Dallas, TX

-----------------------------------------------------------

 
location: Dallas, Texas
job type: Contract
salary: $52 - 63 per hour
work hours: 8am to 4pm
education: No Degree Required
 
responsibilities:
Responsibilities:

• Act as a trusted advisor on advanced threat hunting operations, proactively identifying threats, insider misconduct, and anomalous behavior.
• Lead hunt missions by leveraging threat intelligence, multi-source data, and brainstorming sessions to uncover malicious activity.
• Utilize advanced threat hunting techniques and tools to detect, analyze, and respond to security threats. This includes identifying threat actor groups, analyzing command and control (C2) structures, and developing network and host-based Indicators of Compromise (IOCs) or Indicators of Attack (IOAs).
• Investigate and analyze alerts for suspicious or malicious activity across corporate environments, supporting remediation efforts.
• Develop and execute proactive threat hunting methodologies, including defining search criteria to uncover undetected threats.
• Identify and address detection gaps by collaborating with Cyber Security stakeholders to enhance security controls and processes.
• Evaluate and recommend security tools and technologies for threat analysis, impact assessment, and mitigation.
• Conduct root cause analysis, review incident lessons learned, and support compliance audits to improve security posture.
• Participate in threat hunting exercises and tabletop simulations to strengthen cyber resilience.
• Mentor team members, sharing knowledge and best practices to enhance their technical capabilities.
• Detect and respond to threats using security solutions such as SIEM, data lakes, and cloud platforms.
• Support threat response efforts and conduct ad-hoc threat hunts as needed.
• Maintain technical proficiency in Information Security controls, including endpoint, cloud, SaaS, identity, and network security.
• Demonstrate expertise in Endpoint Detection and Response (EDR) tools and techniques.
• Apply foundational knowledge of Digital Forensics and Incident Response (DFIR) processes to threat investigations.

 
qualifications:
Required:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field; advanced degree preferred.
• 4+ years of experience in the cybersecurity industry, with demonstrated roles in SOC, Incident Response, Threat Intelligence, Malware Analysis, IDS/IPS Analysis, or related functions.
• Proven ability to independently investigate and analyze alerts for anomalous, suspicious, or malicious activity in a corporate environment and support remediation efforts.
• Experience conducting proactive threat hunts, including developing custom search criteria and identifying intrusions or potential incidents.
• Strong understanding of cyber adversarial tactics, techniques, and procedures (TTPs) related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APTs, and Insider Threats.
• Proficient in Endpoint Detection and Response (EDR) tools and capabilities, with hands-on experience using CrowdStrike, Microsoft Defender, and other major vendors.
• Foundational knowledge of Digital Forensics and Incident Response (DFIR) processes.
• Experience with large dataset analysis and log analysis tools, including Securonix, Snowflake, Python, Pandas, and SQL.
• Skilled in using Regular Expressions, YARA, SIGMA rules, FQL, KQL, and at least one scripting language such as Python, PowerShell, or PERL.
• Strong understanding of cyber adversarial frameworks like MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.
• Hands-on experience hunting for Indicators of Compromise (IOCs) in SIEM and EDR tools such as Securonix, Microsoft Defender, Microsoft Purview, Microsoft Sentinel, Palo Alto XSOAR, ThreatConnect, and Recorded Future.
• Excellent written and verbal communication skills with the ability to explain technical threat hunt objectives and findings to both technical and non-technical audiences, effectively communicating associated risks.
• Certifications such as Network+, Security+, CISSP, CISM, GCIH, GCFA, and/or cloud-specific certifications like AWS Cloud Practitioner, AWS Certified Security - Specialty, and Microsoft Certified: Azure Security Engineer Associate

 
skills: Required:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field; advanced degree preferred.
• 4+ years of experience in the cybersecurity industry, with demonstrated roles in SOC, Incident Response, Threat Intelligence, Malware Analysis, IDS/IPS Analysis, or related functions.
• Proven ability to independently investigate and analyze alerts for anomalous, suspicious, or malicious activity in a corporate environment and support remediation efforts.
• Experience conducting proactive threat hunts, including developing custom search criteria and identifying intrusions or potential incidents.
• Strong understanding of cyber adversarial tactics, techniques, and procedures (TTPs) related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APTs, and Insider Threats.
• Proficient in Endpoint Detection and Response (EDR) tools and capabilities, with hands-on experience using CrowdStrike, Microsoft Defender, and other major vendors.
• Foundational knowledge of Digital Forensics and Incident Response (DFIR) processes.
• Experience with large dataset analysis and log analysis tools, including Securonix, Snowflake, Python, Pandas, and SQL.
• Skilled in using Regular Expressions, YARA, SIGMA rules, FQL, KQL, and at least one scripting language such as Python, PowerShell, or PERL.
• Strong understanding of cyber adversarial frameworks like MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.
• Hands-on experience hunting for Indicators of Compromise (IOCs) in SIEM and EDR tools such as Securonix, Microsoft Defender, Microsoft Purview, Microsoft Sentinel, Palo Alto XSOAR, ThreatConnect, and Recorded Future.
• Excellent written and verbal communication skills with the ability to explain technical threat hunt objectives and findings to both technical and non-technical audiences, effectively communicating associated risks.
• Certifications such as Network+, Security+, CISSP, CISM, GCIH, GCFA, and/or cloud-specific certifications like AWS Cloud Practitioner, AWS Certified Security - Specialty, and Microsoft Certified: Azure Security Engineer Associate

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).

This posting is open for thirty (30) days.