Cyber Hunt Threat Analyst

Stuttgart, Baden-Württemberg, Germany

Full Time
Spinvi

Posted 1 week ago

Position Description: The Cyber Hunt and Threat Analysis team is seeking a motivated individual with strong technical competency who will research and implement detection measures using data from a wide spectrum of sources. The candidate will also perform opportunistic threat hunting and forensic analysis when required during incidents.

Qualifications:

  • Minimum 3-5 years of comparable experience performing Incident Response, Forensics, Malware Analysis, or Penetration Testing
  • 5-7 years of experience if no degree
  • Must be proficient in at least three of the following disciplines:
      • Network traffic analysis and host-based log analysis
      • Comprehensive understanding of enterprise Windows security (Active Directory)
      • Static and dynamic malware analysis
      • Disk and memory forensics
      • Practical knowledge in at least one scripting or development language (e.g. PowerShell or Python)

Recommended Education:

  • Bachelor’s degree or higher from accredited university/technical college in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline

Certifications:

  • DoD 8570 Classification IAT-II & CSSP Certification

Requirements

Required Skills:

  • Strong written and verbal communication skills
  • Strong understanding of common enterprise technologies
  • Ability to convey extremely technical concepts to audiences with varying technical understanding

Responsibilities:

  • Use network- and host-based data to drive detection, monitoring, and response capabilities
  • Create detection analytics based on the MITRE ATT&CK Framework and other security frameworks
  • Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs)
  • Provide assistance to the Network Security Monitoring team in response to incidents by analyzing host behavior and network traffic
  • Perform static and dynamic malware analysis to feed Indicators of Compromise into the Incident Response process

Additional Information:

  • Authorized to update signatures and view alerts of IDS/IPS
  • Authorized to view audit records on Central Log Server
  • Authorized to modify auditable events on Central Log Server

Benefits
  • Long Term Disability
  • Basic Life Insurance
  • Basic Accidental Death & Dismemberment Insurance
  • Direct Payroll Deposit
  • Leave Accrual
  • Holidays
Optional Benefits

  • Short Term Disability
  • Additional (Voluntary) Life Insurance
  • Additional (Voluntary) AD&D Insurance
  • 401(k)
  • Medical Coverage
  • Dental Coverage
  • Vision Care Plan
  • Flexible Spending Account Plan
  • Online Training
  • AFLAC Supplementary Insurances
Spinvi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Spinvi complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Spinvi expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Spinvi’s employees to perform their job duties may result in discipline up to and including discharge.

Job tags: Active Directory Analytics Forensics IDS Incident response IPS Malware Network security Penetration testing Python TTPs Windows