Threat Hunt Analyst

Location: Carmel, Indiana; Eagan, Minnesota; or Little Rock, Arkansas

As MISO's Threat Hunt Analyst, you will lead, build, and mature the threat hunting program, including creating new detection methodologies, and providing experienced support to incident response and monitoring functions. You will also directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response. To thrive as a threat hunter, you will use data analysis, threat intelligence, and cutting-edge security technologies.

Here's what you can expect on a typical day in the life of a Threat Hunt Analyst:

Developing, maturing, and maintaining TTP or attack pattern detection techniques. Perform the full threat hunting cycle, including the development of EDR detection rules, recommend and mitigate the effects caused by an incident. Build security utilities and tools for internal use that enable you and your fellow teammates to operate at high speed and broad scale. Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities. Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.

Your Responsibilities:

• Actively develop hunts, translate them into an iterative process, and deploy them in numerous EDR solutions.
• Define client relationships and understand the critical assets in their environment to develop sophisticated detections and reporting.
• Develop and mature new and existing solutions for threat hunting detection capabilities.
• Fully document and communicate findings to an array of audiences which includes both technical and executive teams.
• Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems, and processes).
• Conduct full digital forensics on any operating system to include all versions of Microsoft Windows, Unix-based OS, Mac OS, and mobile operating systems.
• Use isolated virtual environments to conduct research and develop adversary detection methods.
• Use active defense capabilities to profile adversaries and build custom detections to be used in threat hunt operations.
• Conduct Threat Hunt operations in cloud environments, including Azure and O365.

Your Abilities & Skills:

• Apply programming languages and scripting to new or existing processes.
• Pivot off indicators within networks to identify the scope and breadth of attacks.
• Developing threat hunts using various toolsets based on various inputs and intelligence gathered
• Actively developing hypotheses for hunting.
• Performing both host and network-based investigations.
• Reviewing logs to identify evidence of past intrusions.

Your Knowledge:

• Computer networking concepts and protocols, and network security methodologies.
• Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Cyber threats and vulnerabilities.

Appropriate level will be determined based upon experience and knowledge.

MISO manages the electricity superhighway in the Central U.S. Through the use of groundbreaking research and sophisticated technology, our highly skilled employees ensure power flows reliably to 42 million Americans. Operating the electricity grid, running a robust energy market, planning for a bright future - it's what our immensely hardworking and dedicated team does every day.

We're hiring! We are committed to the health and safety of our employees while maintaining a reliable bulk electric system and are proud to offer #workfromhome options to our employees. MISO offers a comprehensive benefits package available on your first day of employment. #hiring

YouTube - MISO in 90 Seconds
Learn More About MISO