Senior Cyber Threat Hunter

Maven Workforce Inc. • United States
Remote
AI Summary

Join Maven Workforce Inc. as a Senior Cyber Threat Hunter to research and investigate hosts and networks to identify adversary tools, techniques, and procedures (TTPs). This role requires strong analytical and problem-solving skills to interpret complex data and uncover hidden threats.

Key Highlights
Cyber threat hunting
Adversary TTPs identification
Malware reversing
Digital forensics
Hunt plan development
Technical Skills Required
SIEM, EDR, NDR, Yara, Sigma, Python, PowerShell, JavaScript, AWS, Azure, GCP, MITRE ATT&CK, Cyber Kill Chain
Benefits & Perks
Remote work
Full-time employment

Job Description

motivated Senior Cyber Threat Hunter to join our Cyber Fusion Center (CFC) team as a fully remote position located in Costa Rica.

RESPONSIBILITIES

As a member of the Global Security Office (EGSO), this individual will research and investigate hosts and networks to identify adversary tools, techniques, and procedures (TTPs), investigate potential exploitation of systems, and provide reactive investigative support during security incidents to identify adversary behavior elsewhere in the environment. They will also be expected to participate in several different areas within the Security Operations and Incident Response process; these activities may include malware reversing, digital forensics, use case development, security control testing, and hunt plan development. The candidate for this role must have strong professional skills in report writing, presentation, organization, and communication.

This is a technical position supporting the strategies of the Global Security Operations Center.

Information Security Officer. This position reports directly to the Senior Manager, Cyber Threat Hunting, as part of the CFC’s Incident Response program.

KEY RESPONSIBILITIES INCLUDE

• Execute proactive threat hunting activities based on intelligence, telemetry, and hypotheses to identify malicious activity across host, network, and cloud environments.
• Develop and refine hunt queries, detections, and rules (Yara, Sigma) to support continuous improvement of detection engineering use cases.
• Monitor the evolving threat landscape, vulnerabilities, and adversary TTPs, applying this knowledge to enhance hunting strategies.
• Document hunting methodologies, queries, findings, and recommended actions in SOPs and playbooks aligned to MITRE ATT&CK.
• Participate in purple team exercises and adversary simulations to validate detection coverage and improve hunting techniques.
• Utilize SIEM, EDR, NDR, and UEBA tools to conduct hunts and confirm threats through forensic artifact analysis.
• Collaborate with incident response and forensic teams to share findings, assist in remediation, and strengthen detection capabilities.
• Contribute to automation efforts by developing scripts and workflows that reduce repetitive tasks and accelerate hunting operations.
• Support the maintenance of a hunt lab environment for testing hypotheses, validating detections, and experimenting with new tools and techniques.
• The position may occasionally require availability outside of standard business hours, including evenings or weekends, to support time-sensitive or critical threat hunting activities.

JOB REQUIREMENTS

• 3–5 years of experience in cybersecurity with a focus in Threat Hunting, Incident Response, Forensics, or Detection Engineering.
• Bachelor’s degree in cybersecurity, computer science, information technology, or a related field.
• Certifications such as GIAC Certified Incident Handler (GCIH), GIAC Network Forensic Analyst (GNFA), GIAC Cloud Forensics Responder (GCFR), EC-Council Certified Ethical Hacker (CEH), or equivalent are highly beneficial.
• Hands-on experience with SIEM, EDR, NDR, and forensic tools, with the ability to write hunt queries and detections.
• Working knowledge of the MITRE ATT&CK and Cyber Kill Chain frameworks and how they apply to threat hunting.
• Strong analytical and problem-solving skills to interpret complex data and uncover hidden threats.
• Experience with at least one scripting or programming language (Python, PowerShell, or JavaScript) to support automation and custom tooling.
• Familiarity with cloud environments (AWS, Azure, GCP) and the ability to conduct basic cloud-native hunting.
• Effective communication and documentation skills to articulate findings and collaborate with cross-functional teams.
• Demonstrated curiosity and willingness to learn advanced hunting techniques, automation, and adversary simulation practices.

