Senior Threat Hunter (US)

ESSENTIAL JOB FUNCTIONS: 

• Perform proactive and product-aware threat hunting, conducting continuous, hypothesis-driven threat hunting using WMC Global’s set of proprietary CTI tools as well as external tools and intelligence gathered through OSINT and closed channel practices 

• Conduct behavioral analysis, enriched by IOCs and TTPs to map threat actor activity and perform attribution 

• Leverage and enrich threat intelligence to inform hunting hypotheses and identify emerging adversarial TTPs aligned with MITRE ATT&CK and other industry-recognized frameworks 

• Package and present threat intelligence reports and briefings for technical, operational, and executive audiences both internally and externally 

• Partner with Software Development teams to finetune detection rules and algorithms based on hunt findings and false positive analysis 

• Design and implement automated pipelines to enrich, analyze, and store CTI artifacts using Python, SQLite, Redis, and custom API integrations 

• Identify customer targets and potential incidents, escalating and supporting triage of findings with clear, actionable intelligence and risk mitigation in collaboration with Customer Success and Operations 

• Tune product roadmap in collaboration with product and technical teams through feedback on tooling capabilities, user experience, and data coverage 

• Operationalize CTI with support of product team by driving correlation logic  

• Support Threat Hunting-as-a-Service (THaaS) and consulting services contracts, driving value obtained through CTI insights to map threat landscapes for WMC Global’s customer base 

• Collaborate with Operations incident response teams to share intelligence and ensure maximum disruption of malicious activities across WMC Global customers 

• Record and share feedback with the project management team to drive improvements in systems, software, and procedure 

• Document threat hunting methodologies, processes, and findings 

• Identify opportunities for continuous improvement and learning, keeping current with threat hunting tools, techniques, and best practices and maintaining a working knowledge of the evolving threat landscape 

• Showcase WMC Global CTI through marketing content collaborations, including blogs, white papers, press releases, etc. 

• Establish subject matter expertise on phishing kit analysis and exfiltration of compromised credentials 

• Perform periodic reanalysis of phishing kits and infrastructure to extract new IOCs and track threat actor evolution 

• Coordinate cross-functionally to iteratively improve detection and reporting 

• Maintain expert knowledge of TTPs deployed by advanced persistent threats (APTs) 

• Develop attack detection guidance and response playbooks, counter-measure definitions, and strategies to mitigate emerging threats for internal and external consumption 

• Uphold corporate SOPs, ensuring established processes and procedures are followed 

• Foster a spirit of teamwork that strives for cohesive, high-quality performance and innovative problem solving