CT- Lead Cyber Threat Hunter
2 weeks ago
What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.
Job Summary
McKesson's Global Cyber Threat Hunting Lead will be a member or our Cyber Investigations & Response Team executing threat hunting activities across the Enterprise. You will be responsible for leading threat actor-based investigations, implementing technical threat hunt methodologies, creating new detection methodologies, and providing expert support to incident response and monitoring functions. Your mission is to timely detect, disrupt, and eradicate threat actors from enterprise networks based on relevant and timely threat intelligence. To execute this mission, you will use data analysis, threat intelligence, and cutting-edge security technologies. You will support the security operations by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and collaborate with the Incident Response Team on responding to detected incidents.
Responsibilities
- Lead the research, analysis, and response for alerts; including log retrieval and documentation.
- Conduct analysis of network traffic and host activity across a wide array of technologies and platforms.
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
- Compile detailed investigation and analysis reports.
- Work with the Cyber Threat Intelligence (CTI) team to track threat actors and associated tactics, techniques, and procedures (TTPs) and develop countermeasures in response to those threat actors.
- Analyze malicious campaigns and evaluate effectiveness of security technologies.
- Coordinate threat hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting- edge security technologies.
- Perform Root Cause Analysis of security events and incidents for further enhancement of processes and detection/prevention strategies.
- Develop dashboards and reports to identify potential threats, suspicioanomalous activity, malware, etc.
Requirements
- 10+ years of relevant cyber security experience in Threat Hunting, IT Security, Incident Response or network security with strong knowledge working in a Security Operations Center, Incident Response team, or Threat Hunting team.
- Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response and other information security practices preferred
- Strong analytical and investigation skills & active threat hunting and adversary tracking.
- Excellent written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and auditors, assessors, and consultants
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity
- Working knowledge of root causes of malware infections and proactive mitigation.
- Working knowledge of lateral movement, footholds, and data exfiltration techniques
- Ability to mentor and potentially independently lead a team of global Cyber Threat Hunters.
Preferred Technical and Professional Expertise
- One or more of the following technical security certifications or equivalent: GDAT (GIAC Defending Advanced Threats), Certified Cyber Threat Hunting Professional (CCTHP), Certified Threat Intelligence Analyst (CTIA), and GIAC Cyber Threat Intelligence (GCTI).
- Master's degree in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, or Information Systems. or equivalent degree is preferred.
- Knowledge of the underlying logic that security alerts are built upon and apply them when analyzing raw logs and creating new dashboards and alerts.
- Recognize complex problems, analyze situations and provide suggested/implemented resolution(s)
- Experience and knowledge of packet flow, TCP/UDP traffic, firewall technologies, IDS technologies, proxy technologies, and antivirus, spam and spyware solutions.
- Provide leadership and guidance to the team and act as a resource to the team members.
- Experience with one or more scripting languages (e.g., Python, JavaScript, Perl)
- Perform memory analysis and malware analysis
- Experience with computer exploitation methodologies
We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.
Our Base Pay Range for this position
$139,000 - $231,600
McKesson is an Equal Opportunity Employer
McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.
Join us at McKesson CT- Lead Cyber Threat Hunter
-
CT -Sr Cyber Threat Hunter
2 weeks ago
Austin, United States MCKESSON Full timeMcKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.What you do at McKesson matters. We foster a culture...
-
CT -Sr Cyber Threat Hunter
2 weeks ago
AUSTIN, United States MCKESSON Full timeMcKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.What you do at McKesson matters. We foster a...
-
Cyber Threat Hunter Expert
2 weeks ago
Austin, Texas, United States MCKESSON Full timeMckesson is an impact-driven Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.We foster a culture where you can grow, make an...
-
Cybersecurity Analyst
2 weeks ago
Austin, Texas, United States TEKsystems Full timeAbout the RoleAs a Cybersecurity Analyst - Threat Hunter with TEKsystems, you will play a critical role in protecting our clients' networks and systems from cyber threats. You will be responsible for analyzing network traffic to identify anomalous activity and potential threats, documenting and escalating incidents, and performing cyber defense trend...
-
Cybersecurity Threat Hunter
2 days ago
Austin, Texas, United States Unreal Gigs Full timeAt Unreal Gigs, we're seeking a highly skilled Cybersecurity Threat Hunter to join our team. As a key member of our security operations center (SOC), you'll play a critical role in protecting our digital assets from evolving threats. With a strong background in cybersecurity and experience working in a fast-paced environment, you'll be responsible for...
-
MSSP Sales Manager
3 weeks ago
Austin, United States Check Point Software Technologies Full timeWhy Join Us? As the world's leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we've assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers' real-time needs and providing our cutting-edge technologies and...
-
Enterprise Threat Response Lead
3 days ago
Austin, Texas, United States KPMG Full timeAbout the Job:KPMG is currently seeking a talented individual to fill the role of Enterprise Threat Response Lead. This is a remote work opportunity that offers a challenging and dynamic work environment.Key Responsibilities:Leverage intelligence, lead and manage the monitoring for threats and vulnerabilities and respond accordingly, including the...
-
Austin, Texas, United States Duff & Phelps Full timeAbout the RoleWe are seeking a highly skilled Cyber Security Threat Analyst to join our global risk management team. In this role, you will play a key part in protecting our clients' data and systems from cyber threats.Job DescriptionThe successful candidate will be responsible for:Providing real-time threat analysis and detection in our Security Operations...
-
Sr. Director Cyber Security Threat Detection
2 weeks ago
Austin, TX, United States Synopsys, Inc. Full timeWe Are: At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the...
-
Cyber Security Architect Lead
2 weeks ago
Austin, Texas, United States Amazon Full timeAbout the RoleAt Amazon, we're pushing the boundaries of innovation in cybersecurity to protect our customers and businesses. As a Principal Security Engineer, you'll be part of this pioneering effort, leading complex security projects and shaping the strategic roadmap for your department.About YouWe're looking for visionary leaders with broad experience...
-
Senior SAP Cyber Security Consultant
2 weeks ago
Austin, Texas, United States Diverse Lynx Full timeDiverse Lynx LLC, a leading provider of innovative solutions, seeks a highly skilled Senior SAP Cyber Security Consultant to join our team.Salary: $120,000 - $180,000 per yearAbout the RoleThis is an exciting opportunity to work with our expert team in delivering cutting-edge security solutions for our clients. As a Senior SAP Cyber Security Consultant, you...
-
Cyber Infrastructure Expert
3 weeks ago
Austin, Texas, United States Texas Department of Aging & Disability Services Full timeJob OverviewWe are seeking a skilled Cyber Infrastructure Expert to join our team at the Health and Specialty Care System (HSCS) in Texas. The successful candidate will play a vital role in providing state-of-the-art network services across our nine psychiatric hospitals and one youth residential psychiatric center.Estimated Salary$65,000 - $95,000 per year,...
-
Cybersecurity Threat Detection Specialist
3 weeks ago
Austin, Texas, United States HP Full timeAbout the RoleAs a Cybersecurity Threat Detection & Response Engineer at HP, you will play a crucial part in safeguarding our enterprise from cybersecurity threats. Your expertise will be instrumental in identifying and mitigating potential security risks, ensuring the integrity of our systems and data.Key ResponsibilitiesScope the extent and impact of any...
-
CT - Senior Security Event Analyst
3 weeks ago
AUSTIN, United States MCKESSON Full timeMcKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.What you do at McKesson matters. We foster a...
-
Austin, Texas, United States CrowdStrike, Inc. Full timeAbout the Role:CrowdStrike is seeking a results-driven Regional Sales Director to spearhead sales efforts in global security, protecting organizations from advanced threats. As a seasoned sales leader, you will be responsible for positioning our next-generation cyber security and threat intelligence capabilities to senior customer executives within assigned...
-
Cybersecurity Operations Center Lead
2 weeks ago
Austin, Texas, United States Maveris Full timeAbout the RoleMaveris, a leading IT and cybersecurity services company, is seeking a highly skilled Cybersecurity Operations Center Lead to join our team in Austin, TX or Martinsburg, WV. As a critical member of our CSOC team, you will play a key role in safeguarding digital assets and responding to potential cyber threats.As a 2nd Shift Lead, you will...
-
Cybersecurity Threat Detection
3 weeks ago
Austin, United States HP Development Company, L.P. Full timeCybersecurity Threat Detection & Response Engineer Description - Job Description As the world around us becomes more connected and more digital, there are increased opportunities for fraud and disruption due to cybersecurity attacks. The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape....
-
Cyber Security Analyst
2 days ago
Austin, United States Apex Systems Full time**Candidates must be local to Texas upon application**Job DescriptionExperience with Endpoint Detection and Response (e.g.. EndGame, Crowdstrike, CyberReason, SentinelOne, Most interested in Microsoft)Experience with Email Threat Management (e.g. Proofpoint, MimeCast, Microsoft)Experience with Security Information and Event Management (e.g. Splunk, Rapid7,...
-
Security Operations Center
3 months ago
Austin, United States Unreal Gigs Full timeIntroduction: Do you thrive on being the first line of defense against cyber threats? Are you passionate about monitoring, detecting, and responding to security incidents in real-time? If you're a detail-oriented professional who loves investigating and stopping cyberattacks, then our client has the perfect opportunity for you. We're looking for a Security...
-
Threat Detection Specialist
2 days ago
Austin, Texas, United States Vectra Full timeJob DescriptionWe are seeking an experienced Cybersecurity Researcher to join our team in San Jose, CA; Austin, TX or Boston, MA. As a key member of our security research organization, you will be responsible for researching threats, understanding how they appear on the network and in the cloud, and helping shape the direction of our products.Perform leading...