Lead, Cyber Defense & Response

Job Classification:

Technology - Information Security

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions. 

Your Team & Role

The Threat Hunting Lead will report to the Director of Threat Hunting and will serve as a senior technical lead and driver for proactive threat hunting operations across on-prem and cloud environments. This role is responsible for leading complex hunts end-to-end (hypothesis development, telemetry validation, analytic execution, and operationalization), mentoring other hunters, and partnering closely with Cyber Threat Intelligence, Incident Response and Detection Engineering, and improving enterprise detection, response readiness, and visibility.

Here is What You Can Expect on a Typical Day

• Lead proactive threat hunts across enterprise environments (on-prem and cloud), including Active Directory/Entra, M365, Azure, AWS, endpoints, identity, network, and application telemetry.
• Develop and refine hunt hypotheses based on emerging threats, adversary TTPs, vulnerability exploitation trends, and internal detections/incident learnings; map activity to frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
• Execute advanced investigations and log analytics using SIEM/XDR platforms; leverage Splunk SPL and Microsoft KQL to identify suspicious patterns, perform pivoting, and validate attack paths.
• Operationalize outcomes by translating hunt findings into durable defensive improvements: candidate detections/use-cases, analytic content, prioritized telemetry gaps, and actionable response guidance for IR/CSOC.
• Partner with Cyber Threat Intelligence to convert intelligence into environment-specific hunting plans, tracking, and measurable coverage (e.g., techniques, telemetry sources, and control validations).
• Partner with Detection Engineering to develop, test, and tune detection logic, including supporting documentation, test cases, and validation against realistic adversary behaviors.
• Drive visibility and resiliency improvements by identifying logging and data quality deficiencies, prioritizing remediation with stakeholders, and validating that required telemetry is consistently available.
• Provide technical leadership and coaching to threat hunting staff, including reviewing analytic approaches, promoting repeatable methodologies, and uplifting standards for documentation and knowledge sharing.
• Communicate clearly to stakeholders by producing concise executive summaries and detailed technical write-ups, brief leadership and technical partners on risk, scope, and recommended actions.
• Support incident response as needed by performing adjacency and scoping hunts during active incidents to prevent under-scoping and to identify persistence, lateral movement, and follow-on activity.
• Contribute to program maturity by improving playbooks, workflows, metrics, and reporting for threat hunting operations (e.g., coverage progress, outcomes, and time-to-insight).

The Skills & Expertise You Bring  

• 5+ years of experience in cyber threat hunting, incident response, detection engineering, or security operations in large enterprise environments.
• Demonstrated experience conducting investigations across endpoint, identity, network, and cloud telemetry in complex environments.
• Strong proficiency with at least one major SIEM/XDR ecosystem and advanced query authoring; hands-on experience with Splunk SPL and/or Microsoft KQL strongly preferred.
• Working knowledge of attacker tradecraft, including credential access, persistence, lateral movement, defense evasion, command-and-control, and data exfiltration techniques.
• Strong understanding of adversarial frameworks including MITRE ATT&CK and Lockheed Martin’s Cyber Kill Chain, and ability to apply them to analytic development and hunting.
• Experience designing or improving hunt programs, including workflow/process, metrics, reporting, and knowledge management.
• Industry Standard certifications (one or more), such as:
• GIAC GCIA, GMON, GX-IA, GCED, GX-CX, GCIH, GCFE, GCFA, GEIR, GCFR, GNFA, GCTI, GCTD, GCFR, GCPN, GPEN, GXPN
• Microsoft SC-200, AZ-500
• CompTIA Cybersecurity Analyst (CySA+)

To find out more about our Total Reward package, visit Work Life Balance | Prudential Careers. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.

What we offer you:

Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $123,700.00 to $204,100.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills.

• Market competitive base salaries, with a yearly bonus potential at every level. 

• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave. 

• 401(k) plan with company match (up to 4%). 

• Company-funded pension plan. 

• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs. 

• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.  

• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.  

• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service. 

Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. To find out more about our Total Rewards package, visit Work Life Balance | Prudential Careers. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.