Cyber Threat Hunter

🕒 May 27

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Conduent

Conduent

10,000+ employees

Founded 2017

🤝 B2B

🛍️ eCommerce

🏛️ Government

💰 Venture Round on 2009-01

B2B • eCommerce • Government

Conduent is a leading provider of technology-led solutions aimed at enhancing customer experiences and improving operational efficiency for businesses and government agencies. The company offers a wide range of services, including customer experience management, finance and accounting solutions, human capital management, integrated digital solutions, and specialized services for healthcare and public sector clients. By leveraging automation and analytics, Conduent helps organizations streamline processes and drive business success.

📋 Description

• Conduct proactive, hypothesis‑based threat hunts across endpoint, network, identity, cloud, and SaaS telemetry to identify unknown or emerging threats. • Leverage MITRE ATT&CK to design and execute hunt scenarios aligned to known adversary tradecraft. • Identify stealthy behaviors such as living‑off‑the‑land techniques, credential abuse, lateral movement, and command‑and‑control activity. • Develop and refine detection logic, analytics, and queries within SIEM/XDR platforms (e.g., Cortex XSIAM or equivalent). • Perform deep‑dive investigations and escalate confirmed threat activity with clear evidence and recommendations. • Partner with Incident Response teams during active incidents to provide threat context, scoping, and root cause analysis. • Validate and tune alerts to reduce false positives while improving detection efficacy. • Correlate internal telemetry with threat intelligence feeds to identify active campaigns, exploited vulnerabilities, and adversary infrastructure. • Track emerging threat actor techniques, malware families, and attack trends relevant to the organization’s industry. • Translate intelligence into actionable hunts, detections, and defensive recommendations. • Contribute to the development of threat hunting playbooks, standard operating procedures, and knowledge repository in general. • Support continuous improvement of the threat hunting program through metrics such as hunt coverage, findings quality, cyber posture enhancement identification. • Produce clear, concise reports for both technical and non‑technical stakeholders.

🎯 Requirements

• 3+ years of experience in cybersecurity operations, with hands‑on experience in threat hunting. • Strong understanding of adversary behaviors, attack chains, and common tactics across endpoint, network, identity, and cloud environments. • Experience working with SIEM/XDR platforms, log analysis, and security telemetry at scale. • Familiarity with threat intelligence lifecycle and MITRE ATT&CK framework. • Strong analytical, investigative, and documentation skills. • Ability to work independently in an offshore model and collaborate effectively with global teams across time zones. • Hands‑on experience using Palo Alto Cortex XSIAM for threat hunting, detection engineering, investigation workflows, and alert tuning. • Experience developing and operationalizing XSIAM analytics, queries, and investigation playbooks across endpoint, identity, cloud, and network telemetry. • Strong experience hunting and investigating threats in Microsoft Azure environments, including Entra ID (Azure AD), Azure IaaS/PaaS workloads, and cloud identity logs. • Familiarity with Azure security telemetry (Sign‑In Logs, Audit Logs, Defender for Cloud/Endpoint, Azure Activity Logs). • Experience correlating cloud, endpoint, and identity signals to detect credential abuse, privilege escalation, lateral movement, and persistence techniques. • Scripting and automation experience using Python, KQL, PowerShell, or Bash to support hunting, enrichment, and reporting. • Exposure to malware analysis, OSINT, or threat intelligence platforms (TIPs) to inform hunt hypotheses and detections. • Preferred Certifications: • GCED, GCIA, GCIH, or GCED • OSCP, GPEN, or GWAPT • Security+, CySA+, or equivalent industry certifications

🏖️ Benefits

• Health insurance • 401(k) matching • Flexible work hours • Paid time off • Remote work options

Apply Now

Similar Jobs

🕒 May 21

Everbridge

1001 - 5000

🔐 Security

📡 Telecommunications

🏢 Enterprise

Intelligence Analyst joining Everbridge to report real-time risk events for enterprise and government clients. Analyzing threats and delivering timely reports in a night-shift role based in Bengaluru.