Threat Hunter

Cheltenham

Full Time
Context Information Security

Posted 1 week ago

Do you want to be part of a consultancy at the cutting edge of information security? At Context, we pride ourselves on our unique and meticulous approach to helping our clients solve their most complex information security challenges. Context is currently recruiting for Threat Hunters to work within their Security Operations team. The role consists of proactively searching for anomalous activity that has evaded traditional detection methods, utilising various toolsets whilst working closely with Threat Intelligence functions to create hunt hypotheses. Collaborating with other operational teams will be a core responsibility of the role as well as upskilling and mentoring junior analysts in the discipline of threat hunting. Excellent written and verbal communication skills are essential as the role will require providing support to client engagements and service reviews.

Key Responsibilities

  • Proactively searching for anomalous activity that has evaded traditional detection methods, utilising a variety of toolsets
  • Working closely with Threat Intelligence functions to create hunt hypotheses
  • Maintaining awareness of the evolving threat landscape and pertinent threat actor groups / campaigns
  • Continual refinement of methodologies and processes which support the Threat Hunting Cycle
  • Collaboration with other operational teams, in order to develop new use-cases and deploy reactive detection logic
  • Mentoring and upskilling junior analysts in the discipline of Threat Hunting   
  • Escalating incidents to senior management where necessary & acting as a point of contact throughout investigation
  • Supporting client engagements and/or service meetings
  • Report generation
  • Handling client queries

Person Specification

  • Over 2 years working in a SOC environment and a degree or equivalent level education in the following topics:
  • Cyber/information/network security
  • Computer science
  • Software/electrical/network engineering
  • Other IT/security/network-related degrees
  • CREST (CPIA, CRIA, CPSA)
  • Vendor Certs or training
  • SANS
  • CEH
  • Security+
  • Network+
  • The above list is not exhaustive. All candidates will be considered on a case-by-case basis.

Skills

  • Demonstrates a passion for cyber security and a keen interest in IT
  • Possesses a detailed understanding of the core discipline, including knowledge of computer networks, operating systems, software, hardware and security
  • Working knowledge of Cloud security fundamentals
  • An understanding of the cyber security risks associated with various technologies and ways to manage them
  • A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
  • Demonstrable knowledge of at least one scripting or programming language.
  • Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
  • Written communication skills & the ability to write technical reports.
  • Time-management and organizational skills to manage a variety of tasks, prioritise workload and meet deadlines
  • Excellent attention to detail, analytical skills and an ability to analyze complex technical information in order to identify patterns and trends
  • An ability to work under pressure, particularly when dealing with threats and at times of high demand.

Technologies

  • Experience in any of the following:
  • Splunk
  • LogRhythm
  • Azure Sentinel
  • Carbon Black

Location and Travel

  • The role is based at our Cheltenham Office.

Salary and Package

  • A competitive salary and package aligned to market rates and including annual review.
  • Context hosts a comprehensive bonus scheme and benefits including: 25 shift days’ annual leave, option to buy up to 5 extra days; company pension scheme, contributory of up to 8%; company share plan; numerous voluntary benefits including Cycle to Work Scheme, Childcare Voucher Scheme, Season Ticket Loan; free eye tests and sabbatical options.
  • Employees also benefit from an individually tailored learning and development plan which can include financial support with tuition/exam fees and access to various conference opportunities.
  • Company ethos is paramount and so, in addition to these bonuses and benefits, Context offers a flexible working environment, regular social activities and various day-to-day extras such as free refreshments.
Context is an independently operated cyber security consultancy, founded in 1998 and focusing on providing highly skilled consultants to help organisations with their information security challenges. We work with some of the world’s most high profile blue chip companies and government organisations. We are growing rapidly and are expanding our team and our services. We have offices in the UK, Germany, New York and Australia, and are recruiting in order to support an expanding business.
Job tags: Azure CEH CREST Network security SANS Splunk Threat intelligence
Job region(s): Europe