Threat Hunter (CS)

  • Full time
  • Prague
  • Posted 3 weeks ago

NTT

Want to be a part of our team?

As our Consulting Services continue to expand, we are currently looking for a Threat Hunter.
As a Threat Hunter, your primary responsibility will be to use your expertise to help our clients look for evidence of active threats within their environment that bypass prevention or detection controls.
A significant amount of your time will be allocated to research and development (R&D), during which you will be encouraged to increase your skills and to learn about and document novel techniques and behaviours used by advanced threat actors.

Working at NTT

You will operate in both small and complex environments, combining your expertise in threat hunting and offensive security. As part of your role, you will deliver threat hunting missions to clients that suspect a compromise within their IT perimeter. You will be responsible for determining whether there is an active threat within the client’s perimeter and for proposing possible remediations.

In this capacity we will need you to deliver on the following:

  • Uncovering active threats within client’s infrastructure based on logging data (network, endpoint, …).
  • Looking for evidence of active threats in client’s networks and documenting them.
  • Assist our clients in identifying which preventive and detective controls failed to block or contain the active threat.
  • Study trends in cybercrime around threat actors’ behaviours, tactics, and goals.
  • Share and provide expertise to red team operations regarding the latest techniques and tactics identified in the wild.
  • Assist on offensive security engagements (penetration testing, red teaming, purple teaming, …).
  • Develop small automation scripts and custom tools (Python, PowerShell, Bash, …).
  • Evangelize threat hunting capabilities internally and externally.

What will make you a good fit for the role?

  • You have at minimum a Bachelor's degree in ICT, or similar experience.
  • 1-2 years of experience in the Information Security field especially in penetration testing execution.
  • 2-3+ years of information security operations experience.
  • Understand what sophisticated, real world attacks look like and how to identify them.
  • Ability to navigate through large enterprise and IT environment operations.
  • Ability to identify the latest and common Tactics, Techniques, and Procedures (TTPs).
  • Experience with IoC lifecycle (development, organization, sharing, effective usage).
  • Experience with statistical/quantitative analysis methods and tools.
  • Strong documentation and reporting skills.
  • Solid presentation and communication skills.
  • French or Dutch as mother tongue and good verbal and written knowledge of English.
  • Certifications such as CEH, OSCP, GPEN, GWAPT, GREM, GCFE are a strong plus.
  • Ability to communicate effectively with clients.
  • Driving license (cat B) is required.
  • Display clear, persuasive and confident presentation and communication.
  • Analytical thinking and excellent problem-solving ability.
  • Strong personal initiative and a sense for pushing the limits on your technical knowledge.
  • Work flexibility and willingness to travel for a limited period if needed.
  • Strong ability to work as part of a team.
  • Eligible and prepared to obtain NATO security clearance.

To apply for this job please visit cz.talent.com.