Threat Hunter, Principal

Provide expert knowledge in security best practices, security controls/advanced analysis to customers; work with infrastructure, network principals, security standards, practices, and controls, adversarial tactics/techniques; work with BurpSuite Professional, commercial static source code analysis (SAST) tools, dynamic application security (DAST) tools; perform black/grey/white-box security assessments; use manual application security testing (OWASP Top 10, OWASP Testing Guide); design/implement security controls (IT, Engineering, Product, IT Compliance); provide vulnerability monitoring/patch management oversight support; identify/investigate potential emerging threats; enable clients to respond to threats; provide recommendations using risk based methodology; assist in overall strategy; foster collaborative team environment; mentor to junior associates; detect/configure tools to detect patterns/outliers within client environments that match tactics, techniques, procedures (TTPs) of known threat actors, malware/unusual or suspicious behaviors; conduct cyber hunts to identify emerging threats on behalf of clients; act as lead investigator; provide expert analytic investigative support of large scale/complex security incidents across multiple clients; support SOC team throughout investigation, response, post-mortem efforts; suggest/maintain client policies within Armis’ platform; support monitoring/alerting use cases; focus on optimizing threat hunting service efficacy; work with clients’ overall security posture improvement; partner with internal Threat Research; conduct dynamic/static malware analysis on samples obtained during incident handling/hunt operations in order to identify Indicators of Compromise (IOCs); and assist clients with their maturation/optimization of Armis’ deployments (risk management/incident response perspective). This is a telecommuting position with remote benefit from various unanticipated locations throughout the U.S.

Job Requirements:

Bachelor’s degree or foreign equivalent in Computer and Information Technology, Cybersecurity, or Engineering plus 1 year experience. Experience to include working with BurpSuite Professional, commercial static source code analysis (SAST) tools, dynamic application security (DAST) tools; performing black/grey/white-box security assessments; using manual application security testing (OWASP Top 10, OWASP Testing Guide); designing/implementing security controls (IT, Engineering, Product, IT Compliance); and providing vulnerability monitoring/patch management oversight support. This is a telecommuting position with remote benefit from various unanticipated locations throughout the U.S.

Mail resumes to 548 Market Street, Suite 97439, San Francisco, CA 94104.

Salary range from $200,000 to $201,000 per year.