Cybersecurity Threat Hunter


Interested in investigating computer crimes and breaches that make the headlines – and many more that don’t?  Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect APT level attack IOCs on client enterprise?  Arete Incident Response is seeking a motivated and skilled individual to perform cyber Threat Hunting activity on client enterprises.  Threat Hunting provides a proactive and iterative function for finding deep, persistent threats that may not be detected by traditional security stacks.  This role functions in a team, but often will work independently to provide a constant stream of information to meet analyst and customer requirements.


  • Operate in a safe and secure manner on a client enterprise to perform Threat Hunting and research, including research that involves sophisticated APT actors active on an enterprise
  • Work with our Threat Intelligence team to develop IOCs for specific cyber threat actors or groups and to understand their tactics, techniques and procedures
  • Monitor and analyze cybercrime threat reports for a client business vertical, a specific client or APT groups to proactively create IOCs for Threat Hunting
  • Collaborate with other cyber Threat Hunters based on developed SME area
  • Collaborate with Cybersecurity and Incident Response team to provide targeted Threat hunting reports for ongoing engagements based on work performed on the client enterprise
  • Perform Intelligence activities in multiple languages using secure translation software
  • Use a wide variety of Threat Intelligence tools and websites, including the dark web
  • Be proficient in Threat Hunting using client provided tools as well as commercial and open source tools such as Cylance, Fidelis, Sentinel One, Endgame, Sqrrl
  • Collaborate with Law enforcement as directed by executive leadership for both engagement support as well as information sharing
  • Provide customized reports and research for cybersecurity services clients
  • Provide targeted and actionable Threat Hunting reports for MDR and long-term Cybersecurity services clients
  • Clearly communicate findings in written reports
  • Protect proprietary company and personal information from disclosure
  • Respond to tasking and direction as provided by the team leader


  • 3+ years of work experience in one or more of the following roles: SOC Analyst, Cyber Threat Hunter, Cyber Crime investigations, Cyber Threat Analysis, Cyber Threat Campaign Tracking.
  • Proven Threat Hunting Analyst skillset
  • Understanding of computer intrusions, malicious code, threat finance, money laundering / fraud / eCrime, and other criminal activity
  • Understanding of client enterprise operational security methods and Information Security best practices
  • Understanding of difference between Hunting and Killing
  • Basic level of understanding and experience with programming or scripting languages (C/C++, Java, Python, Go, etc)
  • Ability to express complex technical and non-technical concepts verbally, graphically, and in writing
  • Good knowledge of different operating systems and the command line
  • Knowledge of computer networking
  • Collection, analytical and research skills
  • Must pass drug screening + background check

Additional Qualifications

  • Degree in Computer Programing, Computer Science, Information Technology, MCA, BCA, MCS, BE (Comp), Cyber Crime or an equivalent field
  • Understanding of malware or exploitation techniques
  • Understanding of Threat Hunting techniques
  • Experience working with network sniffers and port scanners
  • Experience working with Threat Hunting tools such as Endgame and Sqrrl
  • Ability to think critically and properly qualify analytic assessments
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of Threat Hunting
  • Ability to multitask while in an extremely chaotic environment that moves at a rapid pace while providing SME level Intelligence analysis and managing internal and external customer expectations
    Eligibility for Top Secret Security Clearance is a plus