Threat Hunting Analyst

About the role

The Computer Security Incident Response Team (CSIRT) is looking for a Threat Hunting Analyst to investigate security alerts, analyze telemetry, and proactively hunt for threats across endpoint, network, and cloud environments. You will work with global teammates to ensure rapid incident resolution and strengthen the organization’s security posture.

Key responsibilities

• Investigate security alerts, suspicious activity, phishing reports, and potential incidents across multiple technologies.
• Analyze endpoint, network, cloud, identity, and email telemetry to detect malicious or unauthorized activity.
• Document investigations, analysis, decisions, and actions clearly and thoroughly.
• Coordinate incident response with engineering, infrastructure, identity, legal, HR, and business partners.
• Support detection tuning, workflow improvements, automation opportunities, and process documentation.
• Develop and refine standard operating procedures, playbooks, and analyst guidance.
• Participate in intelligence‑driven threat hunting and identify emerging attacker tactics.
• Contribute to continuous improvement by identifying gaps and recommending solutions.

Required profile

• Bachelor’s degree or equivalent experience in Computer Science, Cybersecurity, or a related technical field.
• 3+ years of professional experience in cybersecurity operations, incident response, or threat detection.
• Experience investigating security alerts using telemetry from endpoints, networks, or cloud platforms.
• Experience leading security incidents within an enterprise‑level case management or ticketing system.

Required skills

• Endpoint telemetry analysis
• Network telemetry analysis
• Cloud platform telemetry analysis
• Security alert investigation
• Incident response coordination
• Threat hunting techniques