Threat Hunter II

Threat Hunter

Do you strive to catch evildoers wherever they hide? Is your passion digging deep to discover the story behind the breach? Can you tell your amcache from your bash? Your RDP from your VNC? You might be a threat hunter!

This position can be performed remotely in the United States.

US Citizenship is a requirement as this role is a part of our Special Contracts division.

BlueVoyant is searching for passionate evil finders to join us in our mission to defend our clients against the best of the best (or the trickiest) adversaries on the Internet. Our Threat Hunting team is focused on what lies beyond detection; stepping back from filtered, truncated data to find the "low and slow", "the unknown unknowns", and cool malware few have seen before. We rely on experience and creativity, not vendor guardrails, to build upon existing client defenses and find adversaries faster.

Your mission will be to think evil and play nice (chaotic good?). Using your knowledge of adversary TTPs, you'll turn the tables on evil by using their mistakes and methodologies to uncover activity. By applying your experience and expertise against endpoint, log, and network data you'll identify breadcrumbs that lead you to patient zero and root cause. You'll work with our Threat Intelligence and SOC teams to ensure we catch adversaries easier, sooner, and with significantly less grep the next time they show up.

What BlueVoyant can do for you:

• Provide the opportunity to be creative and develop new hunting methods
• Access to threats in environments of all sizes in multiple industries
• Integrate your ideas and expertise into our world-class threat intelligence and detection capabilities
• Give you hands-on experience with industry-leading hunting tools, technology, and automation
• Exposure to a fast-paced, rapidly growing company and team
• Working with a passionate team dedicated to defending against adversaries

What you can do for BlueVoyant:

• Bring your passion, critical thinking, and creativity!
• Develop, test, and employ threat hunting methodologies
• Analyze data for outliers, anomalies, and indicators of compromise
• Coordinate with Threat Intelligence, SOC, and client teams to remediate, mitigate, and reduce time-to-detection
• Generate accurate, contextual, and thorough deliverables surrounding threat hunting activities
• Research and search for new adversary TTPs across our clients
• We're looking for candidates with 3-5 years of SOC, Incident Response, threat hunting, or forensics experience.

Differentiators:

• Experience with EDR, Live Response tools, and Splunk
• Strong Windows internals knowledge
• Network analysis experience
• Scripting languages (Python, Powershell, etc.)
• Experience with automation solutions

About BlueVoyant

At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.

All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice

RAsT918oEc