Sr. Threat Hunter

Englewood Cliffs, New Jersey, United States

Applications have closed

Company Description

Under the direction of the Detection Team manager and Threat Hunting Team Lead, supports the day-to-day operations of the Threat Hunting team. A Senior Threat Hunter will develop relationships with stakeholders, deliver meaningful hunt activities that suit the requestor's needs, support emerging threats and incidents, mentor and share knowledge with other Threat Operations personnel, and contextualize threats to NBCU. Functions will include actively hunting for indicators of compromise and APT tactics, techniques, and procedures within the environment; researching new threats as they emerge; identifying opportunities for improvement; and understanding the trends, tactics, techniques, and procedures of threats against NBCUniversal.


Job Description

The following are essential job accountabilities:

  • Work directly with our threat intelligence and detection engineering teams to identify gaps in logging, alerting, and areas to improve/automate.
  • Work with the business and Detection Manager/Team Lead to prioritize hunt plans and upcoming activities.
  • Proactively and iteratively search through systems and networks to detect advanced threats.
  • Create, recommend, and assist with the development of new security content as a result of threat hunting.
  • Ingest response information and data from incident write-ups, malware reports, and other technical documentation to spawn additional hunting opportunities.
  • Write technical threat hunt reports that highlight hunt activities and results, including escalations, remediation items, and gaps.
  • Collaborate with the Detection Manager/Team Lead in evaluating changes to workflows, policies, and procedures, and implement appropriate changes.

The following are common expectations:

  • Tactical, operational, and strategic knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and motivations.
  • Knowledge of industry recognized security and analysis frameworks (Mitre ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.).
  • Expertise in network and host-based analysis and investigation.
  • Expertise with Splunk Search Processing Language (SPL) or other SIEM technologies.
  • Demonstrated experience planning and executing threat hunt missions.
  • Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers.
  • Working knowledge of common networking protocols (HTTP, DNS, SMB, etc.).
  • Familiarity with the operation of both Windows- and Linux-based systems.

Salary Range: $113,000 to $145,000

Additional Information

NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations in the US by calling 1-818-777-4107 and in the UK by calling +44 2036185726.

Tags: APT DNS Firewalls Incident response Linux Malware MITRE ATT&CK NIST SIEM Splunk Threat intelligence Windows

Region: North America
Country: United States
Category: Threat Intel Jobs