The Lead Threat Hunter is a security specialist who proactively detects, isolates and neutralises advanced threats. The role relies on threat intelligence to provide insight into the tactics and techniques that threat actors are actively using.
Main Duties & Responsibilities
·Take ownership and direction for the Threat Hunting program within the LMAX Group.
·Identify unknown threats through established threat hunting practices using available tools.
·Investigate activity triggered by our platform and tools
·Leverage threat intelligence, document threats as needed and share intelligence with other
·Analyse threat research to develop detection methods
·Build and document tooling to improve quality and efficiency
·Follow internal policies and adhere to regulatory requirements
·Remain professional and approachable at all times
·Ensure that more complex incidents are followed up and resolved in a timely manner
·Deploy your coding skills to automate tasks or perform complex data analysis
·Stay updated on methods and attack methodologies of cyber criminals that target the financial
·Contribute to the ongoing development and improvement of the LMAX Group security program
·Recommend products, improve processes and consult on security strategy
·Map TTPs and attacker behaviours to the MITRE ATT&CK lifecycle.
·Identify most concerning activities and follow a threat hunting calendar to organise the hunts.
·Test and document adversarial techniques against the LMAX Group infrastructure
Once more advanced into the role:
·Work closely with other departments within the company to ensure that security weaknesses are identified and any mitigations implemented are documented.
·Carry out monthly reports that provide metrics that measure the maturity of the Threat Hunting program and how it continues to enhance the security posture of LMAX Group.
·Interact and assist other investigative teams within LMAX Group on time sensitive, critical
·Provide training of staff around malware families and network attack vectors.
Success Looks Like:
·Low numbers of Security Incidents. High rates of attack detections.
·Being able to perform all regular operational duties within the wider Information Security team.
·Threat hunting program established with regular hunts taking place.
·Positive feedback from the business/team members/colleagues
·Further into the role, be able to support the rest of the team and other internal departments with contextual information about the threat landscape.