Senior Threat Hunter

Building a Safer Cyberspace: At Horangi, we’re passionate about building a safer cyber space and creating software that solves challenging cyber security problems. Horangi focuses on building partnerships with our customers, developing an understanding of their business goals and building a security strategy that helps achieve their objectives. Horangi’s personnel have an extensive engineering experience and strong background in penetration testing, incident response and strategic consulting including both large multinational networks and small organizations with focused missions. We enjoy solving tough security problems and we are eager to find new challenges and build new relationships.The Role: Horangi is looking for a full-time Threat Hunter to join the Horangi Threat Hunting team. The Horangi Threat Hunting team provides security monitoring capabilities and proactive threat/compromise assessments for Horangi’s customers. We are looking for individuals who are able to adopt an attacker’s mindset to bring new perspectives into the realm of threat hunting where attacker Tactics, Techniques and Procedures are fluid and evolving rapidly.The role is a hands-on technical role with candidates expected to be involved in the business side of the Threat Hunting unit. The Threat Hunter will be working alongside the Head of Threat Hunting and the malware research engineering team to ensure the security of our customers against prevailing endpoint and network threats.

Senior Threat Hunters will responsible for:

• Assisting/leading presales for business opportunities related to the Threat Hunting business unit
• Managing EDR/SIEM/other related security console(s), including responding to incidents arising from Compromise Assessments / delivery of managed services
• Containment of incidents
• Remediation of Infection Vectors
• Provide advisory/action on recovery actions
• Performing threat hunting and creating hunting rulesets within EDR/SIEM/other related security console(s)
• Assisting in the deployment of software agents within client environments
• Assisting in the investigation and remediation of alerts within EDR/SIEM/other related security console(s)
• Assisting in the creation of scripts for automating workflows where necessary for TTP research and Threat Hunting related activities
• Publishing relevant research activities on Horangi’s Blog
• Active involvement in designing new services for the Threat Hunting business unit
• Any other reasonable activities that may be assigned as is required

Successful candidates will demonstrate:

• Understanding of the MITRE ATT&CK Framework and Cyber killchain
• Strong foundation in offensive security and the associated techniques. Penetration Testing background, and relevant offensive security certificates (i.e. OSCP, CCT, CRTO etc.) not required, but will be a bonus
• Understanding of the value that cyber security departments, products and services bring to a business organisation
• Strong foundation and understanding of the following areas of knowledge: IP networking stack | Windows, Linux and Mac internals | C++/C#/Python/Powershell/Bash | SIEM platform usage | Reverse Engineering experience will be a bonus
• Demonstrable experience investigating and responding to cyber security incidents, including but not limited to: Malware infections | Malicious insiders | Opportunistic attacks (drive-by, ransomware, N-day exploits etc.) | Experience investigating advanced and targeted attacks not a must, but will be a strong bonus