Senior threat hunter (100% remote within spain)

Overview ¿Listo para inscribirse? Antes de hacerlo, asegúrese de leer todos los detalles pertenecientes a este trabajo en la descripción a continuación. CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST family. Some of the worlds largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. Role We are looking for a talented Senior Threat Hunter with strong expertise in development (Jupyter Notebook, Python) who will be part of our growing managed services group, which monitors, investigates, and resolves security incidents, violations, and suspicious activities. This role is ideal for someone who approaches threat hunting not only as an investigation, but also should be able to develop customized tools, data enrichment and automated frameworks. The candidate will be responsible for developing, optimizing, and maintaining custom Jupyter based hunting environments that enable scalable, repeatable, and automated investigations across large telemetry datasets. Responsibilities Continuously research latest threat trends, APT campaigns, and emerging TTPs to develop hypothesis-driven hunt packages mapped to MITRE ATT&CK. Proactively drive hunting and analysis against the available dataset from various sources including, network, endpoint, and cloud environments to look for indicators of security breaches. Develop advanced Jupyter Notebook frameworks that supports hunt execution, data enrichment and validation. Develop reusable Python modules and APIs that extend Jupyter\'s capabilities for hunting automation in large scale, enrichment and result processing. Build and maintain data pipelines and automation logic to integrate threat hunting workflows with multiple telemetry and threat intel sources. Automate and schedule hunting notebooks through Azure ML pipelines, jobs, or equivalent orchestration frameworks, ensuring regular execution of hunting tasks. Implement data validation, normalization, and correlation layers to ensure hunting accuracy. Create structured reporting and visualization components using Python libraries like pandas, jinja2. Collaborate closely with the Use Case Management, Threat Intelligence and Detection Engineering teams to identify detection gaps observed during hunts. Generate weekly, monthly, and ad-hoc threat hunting reports summarizing hypotheses, observations, and notable findings. Mandatory Requirements Proven experience of 5+ years as Cyber Threat Hunter or Incident Response, including high skills in forensics and investigation of network, endpoint and cloud logs. Deep and proven knowledge and understanding of TTPs, attack frameworks (e.g., MITRE ATT&CK), and advanced threat actors. Experience with security applications such as data lake, SIEM tools and EDR platforms. Deep and proven knowledge of operating systems essentials including Linux/Unix and Windows. Experience analyzing network traffic, packet captures, and log data. Proven skills on Hunting on Cloud assets AWS, GCP, Azure. Strong understanding of Python libraries commonly used in data science, such as Pandas, and MsticPY. Advantageous to have in-depth knowledge of Jupyter Notebooks and experience in utilizing them for data analysis, visualization, and prototyping. Critical thinking, problem-solving skills and innovative way of thinking. Excellent communication skills to explain technical findings to both technical and non-technical audiences. Excellent organization, time management, and attention to detail. Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). Prior experience integrating Jupyter workflows with Cybereason, Sentinel, Defender, Crowdstrike,or other telemetry sources is a plus. Relevant certification (e.g., GIAC GCIH, GCFA, GREM, OSCP, CEH) is an advantage. Fluent in English (C1). What can we offer? 23 days of Annual Leave plus the 24th and 31st of December as discretionary days. Numerous benefits (Health Care Plan, teleworking compensation, Life and Accident Insurances). Retribuci Flexible Program: Meals, Kinder Garden, Transport, online English lessons, Health Care Plan) Free access to several training platforms Professional stability and career plans UST also, compensates referrals from which you could benefit when you refer professionals. The option to pick between 12 or 14 payments along the year. Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime) UST Club Platform discounts and gym Access discounts Equal Opportunity If you would like to know more, do not hesitate to apply and we a0ll get in touch to fill you in details. UST is waiting for you! UST is committed to equal opportunities in our selection processes and do not discriminate based on race, gender, disability, age, religion, sexual orientation or nationality. We have a special commitment to Disability & Inclusion, so we are interested in hiring people with disability certificate. xqysrnh Skills threat intelligence, data loss prevention, incident response, mitre att&ck, penetration testing #J-18808-Ljbffr Hay opciones de teletrabajo/trabajo desde casa disponibles para este puesto.