Security Threat Detection Analyst

Why we're hiring:

The Threat Hunter is responsible for proactively identifying advanced threats that evade traditional security controls. This role involves hypothesis-driven investigations, leveraging threat intelligence, and analyzing telemetry across endpoints, networks, and cloud environments to uncover stealthy adversary activity. The Threat Hunter plays a critical role in reducing dwell time and strengthening organizational resilience under the Autonomic Security Operations model.

 

What you'll be doing:

Proactive Threat Hunting

· Execute hypothesis-driven hunts based on adversary TTPs and threat intelligence.

· Analyze telemetry from SIEM, EDR/XDR, NDR, and cloud-native platforms to identify anomalies.

· Develop and maintain hunting queries and scripts for automation and repeatability.

· Validate detection coverage through purple team exercises and adversary emulation.

Threat Intelligence Integration

· Incorporate emerging threat intelligence into hunting hypotheses and detection pipelines.

· Maintain awareness of global threat actor tactics, techniques, and procedures (MITRE ATT&CK).

Continuous Improvement

· Document hunt findings and feed insights into detection engineering and SOC workflows.

· Maintain a backlog of hunting hypotheses and visibility gaps for remediation.

· Contribute to automation of hunting workflows using scripting and SOAR platforms.

Strategic Alignment to GCAT SOC10x

· 10X People: Continuous learning and knowledge sharing within the team.

· 10X Process: Embed agile, hypothesis-driven hunting workflows.

· 10X Technology: Leverage AI/ML analytics for anomaly detection and hunt acceleration.

· 10X Visibility: Ensure comprehensive telemetry ingestion across hybrid environments.

· 10X Speed: Reduce dwell time and accelerate detection-to-response cycles.

 

 

What you'll need:

 

Technical Expertise

· Strong knowledge of threat hunting methodologies and frameworks (MITRE ATT&CK, TaHiTI).

· Proficiency in SIEM, EDR/XDR, and log aggregation tools across hybrid infrastructure.

· Scripting skills (Python, PowerShell) for automation and data analysis.

· Familiarity with threat intelligence integration and behavioral analytics.

Collaboration & Communication

· Ability to work closely with SOC, IR, and engineering teams.

· Skilled in documenting hunt outcomes and communicating findings effectively.

Certifications (Preferred)

· GIAC GCTI, GCIH, or equivalent advanced security certifications.

Key Attributes

· Automation-first mindset with focus on scalability and resilience.

· Strong analytical and problem-solving skills.

· Excellent communication and teamwork capabilities.

 

Who you are:

You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.

You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.

 

What we'll give you:

Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?