Threat Detection Consultant

At

One eSecurity

, we are a market-leading specialist in

Threat Detection

and

Digital Forensics & Incident Response (DFIR)

. Our commitment to excellence, innovation, and passion drives everything we do We’re looking for a top-tier, fully remote cybersecurity professional with

5+ years of experience

in

Threat Hunting

and

Cyber Threat Intelligence (CTI)

. If you have a sharp eye for

advanced threats

and hands-on expertise in

incident response

, join us and make an impact!

Main responsibilities

Use threat intelligence and behavioral analysis to find potential anomalies and suspicious activities that automated security systems might miss. Actively search for hidden threats and indicators of compromise (IOCs) across the network, endpoints, and systems, using both known and unknown attack techniques. Operation of Threat Hunting tools such as EDRs, XDRs, SIEMs, etc.., including the creation and execution of hunts as well as analysis of results Conduct in-depth analysis of unusual patterns, system behaviors, and network traffic to uncover advanced threats, including zero-day attacks, APTs, insider threats, and advanced malware. Develop and refine detection rules and use cases for security monitoring systems (e.g., SIEM, IDS/IPS, EDR solutions) based on evolving attack techniques. Generate reports for the Clients, detailing discovered threats, the severity of risks, and recommended actions for remediation. Identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries. Perform deep analysis of indicators of compromise (IOCs) and attack signatures. Gather and aggregate information from various sources, such as open-source intelligence (OSINT), dark web monitoring, threat feeds, and other threat-sharing platforms. Work closely and provide actionable threat intelligence to support Incident Response team during active cyber incidents and Threat Hunting team during active threat detection. Client management. Project management.

Requirements: University degree is desirable but not required. 8+ years professional experience: Threathunting, EDR technology, SOC, Blue team, incident response… Have a solid understanding of the information security threat landscape. Knowledge of the threats most commonly used by attackers. Knowledge of analysis platforms and query languages. Knowledge of the most commonly used SIEM technologies on the market.

Knowledge/experience:

Understanding of TCP/IP networks, base protocols for the development and analysis of IDS/PCAPs rules, analysis of logs and DNS/ packets as well as browsing logs. Incident response. Security frameworks such as MITRE, ENISA, CCN… CTI tools: Virus Total, Open CTI, Maltego.. Forensic analysis tools such as Volatility or Regripper. Management of services and/or projects Customer focus. Skills to lead meetings, project presentations... A plus: experience in team management. Ability to work in a team. Demonstrate innovative and creative thinking as well as problem-solving skills. Languages: Fluent in English and Spanish