Threat Detection Consultant

At One eSecurity, we are a market-leading specialist in Threat Detection and Digital Forensics & Incident Response (DFIR). Our commitment to excellence, innovation, and passion drives everything we do.

We’re looking for a top-tier, fully remote cybersecurity professional with 5+ years of experience in Threat Hunting and Cyber Threat Intelligence (CTI). If you have a sharp eye for advanced threats and hands-on expertise in incident response, join us and make an impact!

Main Responsibilities

• Use threat intelligence and behavioral analysis to find potential anomalies and suspicious activities that automated security systems might miss.
• Actively search for hidden threats and indicators of compromise (IOCs) across the network, endpoints, and systems, using both known and unknown attack techniques.
• Operation of Threat Hunting tools such as EDRs, XDRs, SIEMs, etc., including the creation and execution of hunts as well as analysis of results.
• Conduct in-depth analysis of unusual patterns, system behaviors, and network traffic to uncover advanced threats, including zero-day attacks, APTs, insider threats, and advanced malware.
• Develop and refine detection rules and use cases for security monitoring systems (e.g., SIEM, IDS/IPS, EDR solutions) based on evolving attack techniques.
• Generate reports for clients, detailing discovered threats, the severity of risks, and recommended actions for remediation.
• Identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries.
• Perform deep analysis of indicators of compromise (IOCs) and attack signatures.
• Gather and aggregate information from various sources, such as open-source intelligence (OSINT), dark web monitoring, threat feeds, and other threat-sharing platforms.
• Work closely and provide actionable threat intelligence to support the Incident Response team during active cyber incidents and the Threat Hunting team during active threat detection.
• Client management.
• Project management.

Requirements

• University degree is desirable but not required.
• 8+ years professional experience in Threat Hunting, EDR technology, SOC, Blue team, incident response.
• Have a solid understanding of the information security threat landscape.
• Knowledge of the threats most commonly used by attackers.
• Knowledge of analysis platforms and query languages.
• Knowledge of the most commonly used SIEM technologies on the market.
• Understanding of TCP/IP networks, base protocols for the development and analysis of IDS/PCAPs rules, analysis of logs, and DNS/HTTP packets as well as browsing logs.
• Familiarity with security frameworks such as MITRE, ENISA, CCN.
• Experience with CTI tools: Virus Total, Open CTI, Maltego.
• Forensic analysis tools such as Volatility or Regripper.
• Management of services and/or projects.
• Customer focus with skills to lead meetings and project presentations.
• A plus: experience in team management.

Ability to work in a team.

Demonstrate innovative and creative thinking as well as problem-solving skills.

Languages: Fluent in English and Spanish.