Threat Hunter
Munich, Germany
Celonis
The Celonis Process Intelligence Platform — powered by process mining — lets you reveal and realize the value opportunities hiding in your business processes - fast. Get started quickly and scale infinitely.We're Celonis, the global leading Process Mining software company and one of the world's fastest-growing SaaS firms. We believe that every company can unlock its full execution capacity - and for that, we need you to join us as a Threat Hunter
The Team:
Our Global information security organization is responsible for security and trust. We think security-offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever-changing threat landscape. The Security Operations team is always looking for talented subject matter experts in domains such as Detection, Response, Threat Hunting, and Vulnerability Management.
The Role:
At each and every Celonis office, we get things done quickly by cultivating an open-minded culture with creative, collaborative, autonomous teams in which the best ideas win. As the first Threat Hunter on our Security Operations Team, you will be responsible for helping to design, build, and deliver major components of Celonis’s threat hunting strategy. The Threat Hunter’s primary duties will focus on finding evidence of threats or suspicious behavior, and leveraging data to improve controls and processes. This role requires a blend of investigative, analytical, security, and technical skills.
The work you’ll do:
- Actively hunt for APT Tactics, Techniques, and Procedures (TTP)/Indicators of Compromise (IOC) , translate them into an iterative process, and work with the Threat Detection Team to deploy them in SIEM and SOAR solutions.
- Create threat models to better understand the IT Enterprise, identify defensive gaps, and prioritize mitigations
- Continuously research, assess and prioritize cyber threats based on internal and external relevance, and impact.
- Proactively and iteratively search through cloud/endpoint/networks logs to detect and isolate advanced threats that are lurking undetected in Celonis’s environment.
- Develop and document new threat hunting strategies to increase our capabilities and find new threats.
- Work with leadership and the engineering team to improve and expand available toolsets
- Drive a transparent and respectful team culture centered on collaboration, listening, and recognition of team members at all levels
The qualifications you need:
- Experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
- An understanding of the MITRE ATT&CK Framework and Cyber Kill Chain methodologies
- Experience analyzing attacker techniques at all stages of a breach.
- Hands-on experience analyzing diverse tooling and log/data sources, such as : Cloud (AWS, Azure, GCP), DNS, Firewall, Endpoint (Windows and MacOS), etc..
- Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level
- Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell
What Celonis can offer you:
- The unique opportunity to work within a new category of technology, Execution Management
- Investment in your personal growth and skill development (clear career paths, internal mobility opportunities, mentorships, yearly development stipend)
- Great compensation and benefits packages (stock options, 401(K) matching, generous time off, parental leave, and more)
- Work from home support (mindfulness tools such as Headspace, monthly remote working stipend, flexible working hours, virtual events and workshops)
- A global and growing team of Celonauts from diverse backgrounds to learn from and work with
- An open-minded culture with innovative, autonomous teams
- Employee resource communities to help you feel connected, valued and seen (Women@Celonis, Parents@Celonis, Pride@Celonis, Resilience@Celonis, and more)
- A clear set of company values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future
About Us
Celonis believes that every company can unlock its full execution capacity. Powered by its market-leading process mining core, the Celonis Execution Management System provides a set of applications, and developer studio and platform capabilities for business executives and users to eliminate billions in corporate inefficiencies. Celonis has thousands of global customers and is headquartered in Munich, Germany and New York City, USA with 15 offices worldwide.
Celonis is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Different makes us better.
Tags: APT AWS Azure Cloud Cyber Kill Chain DNS Firewalls GCP Incident response MacOS MITRE ATT&CK Pentesting PowerShell Python Red team SaaS Scripting SIEM SOAR Strategy Threat detection Threat intelligence Vulnerability management Windows
Perks/benefits: Career development Equity Flex hours Flex vacation Home office stipend Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs