Cyber Security – Senior Threat Hunter
The opportunity
Proactively identify advanced, stealthy, and previously unknown threats across enterprise environments, operating beyond alert-driven SOC operations to focus on hypothesis-based threat hunting, adversary behaviour analysis, and closing detection gaps across Microsoft Sentinel, Microsoft Defender for Endpoint, and Defender for IoT.
Serve as a technical authority within the SOC, supporting L1/L2 analysts and partnering with Incident Response and Detection Engineering teams to continuously improve the organization's threat visibility and SOC maturity.
Your key responsibilities
Conduct hypothesis-driven, TTP-centric threat hunts using telemetry from Microsoft Sentinel and Microsoft Defender platforms.
Develop hunt hypotheses based on adversary campaigns, MITRE ATT&CK techniques, threat intelligence, and observed environmental weaknesses.
Hunt for advanced attack behaviors and validate findings with evidence, determining impact before escalation.
Perform advanced KQL-based threat hunting across large data volumes in Microsoft Sentinel.
Identify detection blind spots, noisy analytics, and data quality issues.
Conduct advanced endpoint hunting using Defender Advanced Hunting.
Correlate endpoint telemetry with SIEM data to reconstruct end-to-end kill chains.
Perform threat hunting across IoT/OT and ICS environments using Microsoft Defender for IoT telemetry where applicable.
Produce formal threat hunt reports detailing the hunt hypothesis, data sources, findings and evidence, MITRE ATT&CK mapping, and recommended remediation.
Skills and attributes for success
4–7+ years in SOC, Threat Hunting, Incident Response, or Detection Engineering.
Proven experience performing proactive threat hunting (not tool monitoring).
Experience with enterprise-scale SIEM and EDR environments.
Advanced expertise in MS Sentinel and Defender Suites.
Strong mastery of KQL (Kusto Query Language).
Deep understanding of MITRE ATT&CK, adversary tradecraft, malware, and post-exploitation techniques.
Strong skills in endpoint telemetry analysis, network traffic analysis, and log correlation across multiple security layers.
Advanced analytical and critical-thinking skills.
Strong written and verbal communication.
Curiosity-driven, attacker-mindset analysis.
Ability to work independently on ambiguous, high-impact threats.
Qualifications
Bachelor's degree or master's degree in computer engineering, IT security, computer science, information systems, or related fields.
Highly proficient in English with good written and oral communication.
Good analytical, problem-solving, and interpersonal skills.
What we offer
Empowering career development with tailored training and development programs.
Flexible work-life integration via a hybrid work model.
Comprehensive well-being programmes including psychological support and health resources.
Meaningful volunteering opportunities with community-focused programmes.
Recognised performance and rewards to celebrate individual and team successes.