threat hunting

Role & responsibilities

Design and build a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies.

Use threat intelligence, MITRE ATT&CK, and risk models to form hypotheses and validate them through structured hunts.

Leverage existing tools/technologies to automate hunts, visualise results, and create reusable artifacts for future investigations and detections.

Collaborate with detection engineering to convert threat hunt findings into high fidelity detection content.

Document and maintain a robust repository for hunting methodologies, tooling, and findings to enable continuous improvement and team scaling.

Provide regular reports and presentations to stakeholders, with clear articulation of threats, methods, and risk impact.

Idea candidate should have:

The ideal candidate is a highly skilled and proactive Threat Hunter with a strong background in hypothesis-driven hunting, adversary TTP analysis, and cross-functional collaboration.

They should have a minimum of 8 years Cyber Security Domain Experience preferably in Red or Blue team and 35 years of hands-on experience in Threat Hunting, with a deep understanding of the MITRE ATT&CK framework and a proven ability to detect and investigate advanced threats beyond signature-based solutions.

Adept at leveraging Google SecOps, CrowdStrike EDR, Palo Alto, Splunk for data analysis and they bring strong scripting capabilities (e.g., Python, PowerShell, SQL) and experience using power BI Reporting capabilities to document and visualise results.

This individual has successfully built or significantly contributed to threat hunting programs, translating threat intelligence into actionable insights and working alongside detection engineers and security analysts to operationalize findings.

They should be driven by curiosity and methodical thinking, constantly seeking to improve visibility and detection coverage across complex environments—including hybrid or cloud-native architectures like AWS, Azure, or GCP.

They would be a self-starter with strong autonomy and analytical acumen; they thrive in dynamic environments and are passionate about staying ahead of evolving threats.