Cyber Threat Hunting Principal Analyst

Cyber Threat Hunting Principal Analyst Miejsce pracy: Warszawa Technologies we use Expected Python Optional PowerShell Your responsibilities Conduct threat-hunting operations to identify and mitigate potential threats before they can impact the organization. Develop and execute hypothesis-driven threat hunting techniques to uncover adversary tactics, techniques, and procedures (TTPs). Deliver detailed threat analysis and reports to executive leadership and stakeholders. Provide actionable recommendations to enhance the organization's security posture. Develop and implement advanced log analysis and search capabilities to identify sophisticated external and insider threats. Investigate anomalies, correlate findings with threat intelligence, and propose mitigation strategies. Perform targeted threat-hunting campaigns using adversary TTPs and insights from system telemetry and security data sources. Support incident investigations by providing detailed analysis and insights derived from threat-hunting operations. Share findings, analysis, and recommendations with cross-functional teams to improve the overall security posture and incident response effectiveness. Contribute to the design and implementation of advanced threat detection methodologies, playbooks, and automation processes to enhance hunting capabilities. Provide thought leadership and mentorship to junior analysts, fostering a continuous learning culture within the team. Analyze security trends and assess their impact on the organization, providing actionable insights to leadership. Serve as an escalation point during critical cybersecurity incidents, providing incident response, Digital forensic analysis, and malware assessment to support containment, eradication, and recovery efforts. Conduct host and network forensics, log analysis, and evidence collection for on-premises and cloud systems, ensuring proper chain of custody and documentation. Our requirements A detail-oriented professional with a proactive mindset to stay ahead of emerging threats. A team player who thrives in a collaborative environment and can navigate complex challenges effectively. Someone passionate about making a tangible impact on WTW’s cybersecurity resilience Extensive experience in cyber threat hunting, security incident response, and digital forensics in fast-paced, global environments. Proven ability to mentor and coach analysts, fostering skill development and career growth. Strong problem-solving and analytical skills, with the ability to influence stakeholders and drive effective decision-making. Expertise in adversarial tactics, techniques, and procedures (TTPs), the MITRE ATT&CK framework, cyber kill chain, and hacking/post-exploitation tools. Proficiency in interpreting and querying diverse log types (e.g., Windows Event, Web server, Firewall logs) and conducting threat hunts within SIEM and EDR tools. Knowledge of forensic methodologies, open-source tooling, and cloud security, including incident response in cloud environments. Experience delivering technical presentations and reports to both technical and non-technical audiences. Familiarity with scripting languages such as Python, PowerShell, and KQL, with a functional understanding of programming concepts. Industry-recognized certifications in Cyber Incident Response, Forensics, or Malware Analysis are a plus. Strong communication, collaboration, and interpersonal skills to effectively convey security and risk concepts across diverse audiences. What we offer Employment contract. Hybrid work possibility. Substantive and practical training to prepare for the tasks assigned. Opportunities for professional development within the organization (e.g., through internal recruitment). Work in a modern office close to the metro, offering amenities such as covered bike parking spaces with a locker room for cyclists, including showers and drying cabinets. The possibility of using parking spaces in an underground garage for employees commuting by car. A wide range of benefits, which you can read about on the "Your Career" page - including employee support programs, employer-sponsored life insurance and healthcare, monthly credits on the Motivizer platform (cafeteria), health initiatives, opportunities to get involved in extracurricular activities such as charity events (e.g., an additional day off for volunteering), team-building meetings, and employee referral programs. Benefits sharing the costs of sports activities private medical care sharing the costs of foreign language classes sharing the costs of professional training & courses life insurance remote work opportunities flexible working time Wszystkie informacje o przetwarzaniu danych osobowych w tej rekrutacji znajdziesz w formularzu aplikacyjnym, po kliknięciu w przycisk "Aplikuj Teraz".

Location: Warszawa, PL

Posted Date: 4/19/2025