DFIR & Threat Hunting Researcher

Company Description

About CyberArk:
CyberArk (NASDAQ: CYBR) is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity, human or machine, across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit our CyberArk blogs or follow us on Twitter, LinkedIn or Facebook.

Job Description

CyberArk, the global leader in Identity Security, is looking for a skilled and passionate DFIR & Threat Hunting Researcher to join its Global Information Security Team. In this role, you will conduct digital forensics and threat-hunting activities across CyberArk's global network, endpoints, and cloud environments. You will also research and develop new methods and tools to enhance the detection and response capabilities of the CyberArk Information Security team.

Responsibilities:

Digital Forensics and Incident Response (DFIR):

  • Perform digital forensics analysis on various types of evidence, such as disk, memory, network, and cloud artifacts (AWS – advantage).
  • Support incident response efforts by providing technical expertise, containment, eradication, and recovery guidance.
  • Maintain and operate forensic tools and platforms, ensuring they are up-to-date and reliable.
  • Document and report on forensic findings and recommendations, following the established procedures and standards.

Threat Hunting:

  • Proactively hunt for malicious activity and indicators of compromise across CyberArk's network, endpoints, and cloud environments using various data sources and analytical techniques.
  • Develop and refine custom threat-hunting hypotheses, queries, and dashboards based on the latest threat intelligence and trends.
  • Collaborate with the SOC team to validate, escalate, and respond to identified threats.

Research and Development:

  • Research emerging threats, attack vectors, threat actors, APTs, security technologies and CyberArk products, and share insights and best practices with the team and the broader security community.
  • Develop and improve tools, scripts, correlation alerts and automation to enhance the SOC team's DFIR and threat-hunting capabilities.


Qualifications

  • Proven (5+ years) experience in digital forensics and incident response, preferably in a tech company or a security consulting firm.
  • Hands-on experience with industry-standard forensic tools and platforms.
  • Hands-on experience with threat-hunting tools, query languages and platforms, such as ELK, Splunk, QRadar, KQL, SQL, etc.
  • Strong knowledge of network protocols, operating systems, malware analysis, and cloud security.
  • Ability to automate tasks using a scripting language such as Python & JS.
  • Excellent communication and interpersonal skills.
  • Excellent proficiency in English, both written and verbal, is a must.
  • Curious and creative mindset, with a passion for learning and solving complex problems.
  • Ability to work independently and collaboratively in a fast-paced, dynamic environment and with a multi-region team.

Additional Information

CyberArk is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. 

The salary range for this position is $102,000 – $145,000/year, plus commissions or discretionary bonus, which will be based on the employee’s performance. Base pay may also vary considerably depending on job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits. 


What You Should Know About DFIR & Threat Hunting Researcher, CyberArk

Are you ready to dive into the world of digital forensics and threat hunting? CyberArk, a global leader in Identity Security, is on the lookout for a dedicated DFIR & Threat Hunting Researcher to join our passionate Global Information Security Team in Newton, Massachusetts. In this exciting role, you'll play a vital part in investigating incidents and proactively hunting for threats across our extensive network, endpoints, and cloud environments. You'll be the go-to expert for digital forensics, analyzing a variety of evidence types including disk, memory, and cloud artifacts, and supporting our incident response efforts with your technical expertise. We encourage you to unleash your creativity by researching new methods and developing innovative tools that enhance our detection and response capabilities. Your insights will not only benefit our team but will also contribute to the broader security community. With over five years of experience required, you’ll bring your proficiency with forensic tools, threat hunting platforms, and a strong understanding of network protocols to help strengthen our security measures. If you're a collaborative team player with a curious mindset who thrives in a fast-paced environment, we would love to meet you. Join us at CyberArk and help secure critical assets for the world’s leading organizations while continuously honing your skills in the exciting field of cybersecurity!

Frequently Asked Questions (FAQs) for DFIR & Threat Hunting Researcher Role at CyberArk
What are the core responsibilities of a DFIR & Threat Hunting Researcher at CyberArk?

The core responsibilities of a DFIR & Threat Hunting Researcher at CyberArk include conducting digital forensics analysis on various evidence types, supporting incident response efforts with technical expertise, proactively hunting for malicious activities across networks, and researching emerging threats and attack vectors. This role requires collaboration with the SOC team and continuous development of tools and scripts to enhance threat-hunting capabilities.

What qualifications do I need to apply for the DFIR & Threat Hunting Researcher position at CyberArk?

To apply for the DFIR & Threat Hunting Researcher role at CyberArk, candidates should have at least five years of proven experience in digital forensics and incident response, preferably in a tech company or security consulting firm. Applicants should be well-versed with forensic tools, threat hunting platforms like ELK and Splunk, and have strong knowledge of network protocols, malware analysis, and cloud security.

What skills are essential for success as a DFIR & Threat Hunting Researcher at CyberArk?

Essential skills for success as a DFIR & Threat Hunting Researcher at CyberArk include proficiency in digital forensics tools and threat hunting platforms, strong scripting abilities (preferably in Python and JavaScript), excellent communication skills, and a creative mindset for problem-solving. A solid understanding of operating systems, cloud security, and malware analysis is also crucial.

How does CyberArk promote collaboration within the Global Information Security Team?

CyberArk fosters a collaborative environment within the Global Information Security Team by encouraging knowledge sharing, regular team meetings, and cross-functional projects. The DFIR & Threat Hunting Researcher will work closely with SOC team members, contributing insights derived from threat-hunting efforts and research, thereby creating a supportive culture focused on enhancing collective security practices.

What is the salary range for the DFIR & Threat Hunting Researcher role at CyberArk?

The salary range for the DFIR & Threat Hunting Researcher position at CyberArk is between $102,000 and $145,000 per year, plus commissions or discretionary bonuses based on employee performance. Salary may vary depending on job-related knowledge, skills, and experience, and CyberArk offers a comprehensive compensation package including various benefits.

Common Interview Questions for DFIR & Threat Hunting Researcher
Can you explain your experience with digital forensics tools?

When answering this question, be specific about the digital forensics tools you've used, such as EnCase, FTK, or Volatility. Provide examples of how you employed these tools in past roles, along with the types of investigations you conducted and the outcomes achieved. Mention any certifications or ongoing training related to digital forensics that further demonstrate your expertise.

What approaches do you take when hunting for threats across a network?

Describe your step-by-step approach to threat hunting, starting with your data sources, such as logs or behavioral analytics. Discuss how you formulate hypotheses based on threat intelligence and elaborate on the tools and queries you employ to test those hypotheses, emphasizing your analytical techniques and ability to adapt to changing threat landscapes.

How do you stay current with emerging threats and security trends?

Share the resources you regularly consult to stay updated, such as industry blogs, newsletters, webinars, and threat intelligence platforms. Highlight your participation in security conferences, workshops, or online courses and explain how you apply what you've learned to enhance your threat hunting and incident response strategies.

Can you walk us through a specific incident response scenario you've handled?

When discussing a past incident response scenario, structure your response as STAR (Situation, Task, Action, Result). Explain the context of the incident, what your tasks were, the actions you took, and the outcome. Be specific about the tools and methods you used for containment and recovery, showcasing your problem-solving skills and teamwork.

What scripting languages are you proficient in, and how do you use them in your role?

Identify the scripting languages you are proficient in, like Python or JavaScript, and explain how you utilize them for automation in forensics or threat-hunting processes. Provide examples of scripts you've developed or modified that improved operational efficiency, error reduction, or enhanced data analysis.

How do you prioritize tasks during an intense incident response?

Discuss your approach to prioritization during urgent incident response situations, emphasizing your ability to quickly assess the severity of incidents. Talk about how you communicate with your team to ensure that critical issues are addressed first and share methods you might use, such as risk assessments or triage processes.

How do you collaborate with other teams, like the SOC, in your investigations?

Explain the importance of teamwork in the cybersecurity field, particularly in your role as a DFIR & Threat Hunting Researcher. Provide concrete examples of how you have effectively collaborated with SOC teams, including details on the tools used for communication, sharing findings, and coordinating responses.

What specific threat-hunting tools and methodologies do you use?

Be prepared to discuss specific tools you have experience with, like ELK Stack, Splunk, or QRadar. Describe your methodologies for threat-hunting, including how you establish a baseline of normal behavior and look for anomalies, and provide examples of successful hunts you've conducted and what you discovered.

Can you share your experience with cloud security, especially regarding digital forensics?

Discuss your experience with cloud environments, particularly AWS or Azure, focusing on any digital forensics work you've done in the cloud. Describe the challenges that may arise in cloud forensics compared to traditional environments, and provide examples of how you have overcome those challenges.

What do you consider an essential skill for a DFIR & Threat Hunting Researcher?

Highlight a specific skill you believe is critical for the role, such as analytical thinking, attention to detail, or continuous learning. Provide examples of how this skill has proven essential in your previous roles and describe situations where it made a significant difference in your work outcomes or team dynamics.


Our Mission What unites the CyberArk Team is the drive to help organizations transform their business through improved security and reduced risk. As a trusted partner for thousands of companies around the globe, CyberArk consistently sets the bar ...

Employment type: Full-time, on-site
Date posted: January 5, 2025
