PUNCH Cyber Analytics Group is seeking a Threat Hunt Analyst with 1-3 years of experience working in Security Operations Centers. The candidate must have experience using Splunk ES, a strong understanding of TCP/IP, routing, and major Internet protocols. Knowledge of tracking APT adversaries and network infrastructure is required, along with familiarity in concepts like the diamond model, Att&ck framework, and cyber kill chain. Experience with MISP for indicator management and a variety of data sets for hunting and analysis is a plus. The position is remote and requires self-motivation and the ability to work both independently and in a team environment.

Consult and advise a commercial client with maturing and expanding an established CTI program. Significant experience with analyzing and tracking cyber threats at the strategic, operational and tactical level. Substantial background in developing CTI products and services for Cybersecurity teams. Experience with evolving CTI out of a traditional security function is a plus. Ability to manage multiple projects and shift priorities based on customer need. Proficient at documenting processes and procedures. Capability and willingness to mentor and teach others. Experience with CIRT/SOC security tools and services, as well as Microsoft 365 and Azure ecosystems preferred. Ability to communicate to all levels of an organization and technical backgrounds. Previous experience within Healthcare industries is a plus. Strong preference for prior all-source analysts with cybersecurity experience.