What success looks like in this role:
Threat Hunting and Anomaly Detection:
Conduct proactive threat hunting activities to identify unusual patterns or behaviors in network traffic. Utilize Darktrace, Exabeam, and Recorded Future to analyze security events and uncover potential threats or vulnerabilities. Investigate and correlate events across multiple data sources to identify security incidents.
Analysis and Reporting:
Perform in-depth analysis of detected anomalies, documenting the findings with clear and precise reports. Provide technical recommendations based on analysis to enhance network security and mitigate identified risks. Communicate findings and insights to clients, ensuring they understand the impact and recommended actions.
Tool Optimization and Maintenance:
Regularly review and update threat detection rules and models to keep pace with evolving threats.
Collaboration and Documentation:
Collaborate with other cybersecurity team members to share insights and improve overall threat detection strategies. Maintain detailed documentation of threat hunting processes, findings, and response actions for future reference.
Continuous Learning and Improvement:
Stay updated on the latest threat intelligence and hunting techniques, incorporating new methods into daily practices. Participate in continuous learning opportunities and contribute to the knowledge-sharing culture within the team.
You will be successful in this role if you have:
Must Have Skills
Threat Hunting Experience (3+ years): Proven experience in identifying and analyzing security threats using advanced tools and methodologies.
Proficiency with Darktrace, Exabeam, and Recorded Future (2+ years): Deep technical knowledge and hands-on experience with these platforms for detecting and analyzing network anomalies.
Network Traffic Analysis (3+ years): Expertise in analyzing network traffic to identify malicious activities and potential breaches.
Technical Documentation (3+ years): Strong ability to document technical findings clearly and concisely for both technical and non-technical audiences.
Client Communication (3+ years): Experience in presenting technical results and recommendations to clients, ensuring clarity and actionable insights.
Nice to Have
Certifications (e.g., CEH, GCIH, GCIA) (1+ years): Relevant cybersecurity certifications that demonstrate advanced threat hunting skills.
Experience with Other Threat Intelligence Platforms (1+ years): Familiarity with additional threat intelligence tools or platforms beyond Darktrace, Exabeam, and Recorded Future.
Incident Response Experience (1+ years): Experience in responding to security incidents, coordinating with teams to contain and remediate threats.
Knowledge of Advanced Persistent Threats (APTs) (1+ years): Understanding of APT tactics, techniques, and procedures (TTPs) and how to detect them in network environments.
Scripting and Automation (1+ years): Skills in scripting to automate repetitive threat hunting tasks and improve efficiency.
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here.