Join Galent's Cyber Fusion Center as a Senior Cyber Threat Hunter to research and investigate hosts and networks to identify adversary tools, techniques, and procedures (TTPs). This role requires strong analytical and problem-solving skills, experience with SIEM, EDR, and forensic tools, and knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks.
Job Description
ROLE: Senior Cyber Threat Hunter
Location: USA (100% Remote)
JOB DESCRIPTION
A global leader in providing information solutions to organizations and consumers is seeking a highly motivated Senior Cyber Threat Hunter to join our Cyber Fusion Center (CFC) team in a fully remote position located in Costa Rica.
RESPONSIBILITIES
As a member of the client’s Global Security Office (EGSO), this individual will research and investigate hosts and networks to identify adversary tools, techniques, and procedures (TTPs), investigate potential exploitation of systems, and provide reactive investigative support during security incidents to identify adversary behavior elsewhere in the environment. They will also be expected to participate in several different areas within the Security Operations and Incident Response process; these activities may include malware reversing, digital forensics, use case development, security control testing, and hunt plan development. The candidate for this role must have strong skills in report writing, presentation, organization, and communication.
This is a technical position supporting the strategies of the Global Security Operations Center and Experian’s Chief Information Security Officer. This position reports directly to the Senior Manager, Cyber Threat Hunting as part of the CFC’s Incident Response program.
KEY RESPONSIBILITIES INCLUDE
- Execute proactive threat hunting activities based on intelligence, telemetry, and hypotheses to identify malicious activity across host, network, and cloud environments.
- Develop and refine hunt queries, detections, and rules (Yara, Sigma) to support continuous improvement of detection engineering use cases.
- Monitor the evolving threat landscape, vulnerabilities, and adversary TTPs, applying this knowledge to enhance hunting strategies.
- Document hunting methodologies, queries, findings, and recommended actions in SOPs and playbooks aligned to MITRE ATT&CK.
- Participate in purple team exercises and adversary simulations to validate detection coverage and improve hunting techniques.
- Utilize SIEM, EDR, NDR, and UEBA tools to conduct hunts and confirm threats through forensic artifact analysis.
- Collaborate with incident response and forensic teams to share findings, assist in remediation, and strengthen detection capabilities.
- Contribute to automation efforts by developing scripts and workflows that reduce repetitive tasks and accelerate hunting operations.
- Support the maintenance of a hunt lab environment for testing hypotheses, validating detections, and experimenting with new tools and techniques.
- The position may occasionally require availability outside standard business hours, including evenings or weekends, to support time-sensitive or critical threat hunting activities.
JOB REQUIREMENTS
- 3–5 years of experience in cybersecurity with a focus on Threat Hunting, Incident Response, Forensics, or Detection Engineering.
- Bachelor’s degree in cybersecurity, computer science, information technology, or related field.
- Certifications such as GIAC Certified Incident Handler (GCIH), GIAC Network Forensic Analyst (GNFA), GIAC Cloud Forensics Responder (GCFR), EC-Council Certified Ethical Hacker (CEH), or equivalent are highly beneficial.
- Hands-on experience with SIEM, EDR, NDR, and forensic tools, with the ability to write hunt queries and detections.
- Working knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks and how they apply to threat hunting.
- Strong analytical and problem-solving skills to interpret complex data and uncover hidden threats.
- Experience with at least one scripting or programming language (Python, PowerShell, or JavaScript) to support automation and custom tooling.
- Familiarity with cloud environments (AWS, Azure, GCP) and the ability to conduct basic cloud-native hunting.
- Effective communication and documentation skills to articulate findings and collaborate with cross-functional teams.
- Demonstrated curiosity and willingness to learn advanced hunting techniques, automation, and adversary simulation practices.