Security - TFS (Job Code 700-23)

Threat Hunting Operations Analyst

Plano, Texas
Work Type: Full Time

ABOUT TTS-US

Founded in 2011, Toyota Tsusho Systems US, Inc. (TTS-US) is a global technology company that develops and provides cybersecurity and technology services, and builds solutions focused on defending critical networks. Based in Plano, Texas, TTS-US, a Toyota group company, has rapidly transformed itself into a technology and mobility establishment and a leading provider of IT security, including network security, endpoint security, cloud security, cloud workload, mobile security, data security, and security management, in addition to threat intelligence and cyberattack response services.


CYBER FUSION CENTER – THREAT HUNTING OPERATIONS ANALYST (100% Remote- USA)

SUMMARY:

The Threat Hunting Operations Analyst is responsible for proactively discovering new, undetected threats within the organization's environment. This role demands a deep understanding of the cyber threat landscape, attacker tactics, techniques, and procedures (TTPs), and robust analytical skills to identify potential threats before they cause harm. This role is crucial in the defense of our organization’s digital assets, requiring a proactive stance against cyber threats and the ability to quickly adapt to emerging technologies and methodologies in cybersecurity.

KEY RESPONSIBILITIES:

Proactive Hunting:

Design and implement proactive hunting operations across the network and endpoint environments to detect indicators of compromise (IOCs) that are not identified by existing security tools.

Utilize threat intelligence, hypothesis-driven approaches, and advanced analytics to identify potential security breaches.

Analysis and Investigation:

Analyze network traffic, logs, and endpoint data for unusual activity and patterns that suggest attacker tactics.

Use forensic tools and techniques to conduct in-depth examinations of any potential intrusions.

Playbook Development:

Design, develop, and maintain a comprehensive library of threat hunting playbooks tailored to our organization's unique security requirements and infrastructure.

Playbook Refinement:

Continuously assess and refine existing playbooks based on emerging threat intelligence, incident response learnings, and changes in the threat landscape.

Threat Intelligence:

Integrate external threat intelligence into internal security operations to inform hunting strategies.

Maintain up-to-date knowledge of the threat trends, threat campaigns, attack vectors, TTPs, cybercrime, and other relevant threats to develop hunting use cases.

Tool Development:

Develop scripts, tools, or methodologies to enhance the capability of the threat hunting team.

Customize security tools and technologies to improve detection and response capabilities.

Collaboration and Reporting:

Work closely with the incident response team to support the resolution of threats, and to coordinate and create remediation plans.

Prepare detailed documentation and reports on findings and hunting activities.

Continuous Improvement:

Continuously refine and improve hunting techniques and methodologies. Document and update processes and procedures.

Participate in training and professional development to stay current with industry trends and technologies.


MINIMUM QUALIFICATIONS

  • 3+ years of experience in Security Operations or Incident Response
  • Knowledge of the Cyber Kill Chain, the MITRE ATT&CK framework, and modern penetration testing techniques
  • Knowledge of operating system internals and attack techniques
  • Experience with offensive security including tools and OSINT.
  • Experience with reverse engineering, digital forensics or incident response
  • Advanced knowledge of network monitoring and network exploitation techniques
  • Experience with common attack vectors, including advanced adversaries (nation state/financial motivation)
  • Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs, and forceful browsing
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and to learn and adapt quickly
  • Ability to learn and operate in a dynamic environment
  • Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
  • Strong verbal and written communication skills


PREFERRED QUALIFICATIONS

  • Technical certifications such as GCIA, GCFA, GCIH, eJPT, eCTHP, and OSCP
  • Experience with Microsoft Sentinel and KQL


BENEFITS AND PERKS

  • Medical health insurance (including dental and vision)
  • Competitive paid time off and company paid holidays
  • Comp time for holidays worked
  • 401k matching program
  • Merit increases and bonus structure
  • Professional development and education reimbursement
  • …and more!


TTS-US offers a variety of benefits and perks to employees. Benefits and perks subject to change.


Toyota Tsusho Systems US, Inc. (TTS-US) is committed to diversity in its workforce and is proud to be an equal opportunity employer. TTS-US considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.



Work location:
Plano, TX
 
No. of open positions:
1
 
