Skip to content
bg-office-working-unsplash

Cyber Threat Hunting and Incident Response Analyst

Full-time
United States – Must Work East Coast Hours
Up to 10% Travel

Primary Purpose and Goal of Role  

Quzara is looking for a Cyber Threat Hunting and Incident Response Analyst to join the team! The primary purpose of this role is to support Quzara’s threat hunting and incident response efforts. This position supports all phases of incident response life cycle.  

Responsibilities

  • Complete threat hunting in on-premises, cloud, and hybrid environments. 
  • Define, document, test and manage incident response processes, document processes and procedures in the form of playbooks and reference guides. 
  • Evaluate external threat intelligence sources related to zero-day attacks, exploit kits and malware to determine organizational risk and improve threat detection by incorporating into detection tools. 
  • Conduct forensics: host-based disk and memory as well as network; analyze to determine root cause and impact.
  • Develop security monitoring by using cases and supporting content for security tools such as dashboards, alerts, reports, rules; including but not limited to the configuration and monitor security information and event management (SIEM) platform for security alerts. 
  • Perform all phases of incident response life cycle: preparation, analysis, containment, eradication, remediation, recovery, and post-incident activity.  
bg-office-unsplash-02
bg-office-unsplash-01
bg-office-group-of-people-talking-498623425

Requirements

  • Minimum five years of recent security monitoring experience and incident response activities; preferably within a professional services firm or similar environment; experience with IT process definition and/or improvement
  • Bachelor's degree from an accredited college/university or equivalent work experience. 
  • Solid understanding of network and system intrusion and detection methods; examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures. 
  • Experience with coding and analytics, malware analysis, endpoint lateral movement detection methodologies and host forensic tools. 
  • Understanding of network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, Linux, open-source software, scripting, SQL, and software programming. 
  • Strong verbal/written communication with ability to effectively interact with individuals at all levels of responsibility and authority; ability to prioritize, delegate and foster the development of high-performance teams to lead/support an environment driven by customer service and teamwork;
  • strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; ability to participate in resource planning processes based on defined organizational plans. 
  • Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
Quzara LLC is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring based on sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law. 

Join Our Cyber Team!

Working for Quzara means being part of a team driven by innovation and dedication where we rise together.