
Job posting has expired


Principal Threat Hunting Analyst 100% Remote

Cognizant North America
life insurance, parental leave, paid time off, paid holidays, 401(k)
United States, California, Oceanside
March 26, 2023

Cognizant (Nasdaq - 100: CTSH) is one of the world's leading professional services companies transforming clients' business, operating, and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 194 on the Fortune 500 and is consistently listed among the most admired companies in the world.

On the Corporate Security team at Cognizant, we challenge ourselves every day to continuously meet the highest standards of security. Our purpose is to deliver world class security and risk management capabilities to protect and enable Cognizant's trusted global business while creating client value and competitive differentiation. From oversight and coordination of security efforts to compliance and risk management, the Corporate Security team's responsibilities span across multiple partners and clients in the marketplace to defend against today's threats. Come join us and help build more secure and resilient infrastructure for the future!

Summary

We are standing up a centralized Threat Hunting team which functions within the Global Cyber Operations tower of Cognizant. The GCO tower is responsible for monitoring, detecting, and responding to Cyber security threats for all Cognizant IT infrastructure. The Threat Hunt team analyzes whether specific threat activity has come in contact with our environment, mitigated or otherwise, and advises improvements to any detection or defensive gaps that are discovered in regard to said threat. The Principal Threat Hunting Analyst is responsible for creating, improving, and executing Threat Hunting tasks in support of the Threat Hunting team's objectives. They are also responsible for training and mentoring junior members of the Threat Hunt team.

Specifically:



  • Perform threat hunts for a wide range of malicious cyber activity informed by Cyber threat intelligence, data analytics, and situational awareness
  • Perform threat hunts based on a combination of IOCs and TTPs
  • Document the hunt process and findings including True/False positives, protection coverage, visibility gaps, and detection tuning recommendations
  • Escalate findings of active malicious activity to the Incident Response team for Containment, Eradication, Recovery and Lessons Learned
  • Continually improve threat hunting processes and documentation
  • Participate in Purple Team exercises from a Threat Hunting point of view
  • Occasionally support Incident Response on High Severity incidents that may involve APT or other novel activity
  • Use a combination of citable sources and personal expertise to make judgements regarding ambiguous results
  • Consume Threat Intelligence reports of varying length and complexity and occasionally formulate new methods of hunting
  • Train and mentor Junior Threat Hunt colleagues


Required:



  • Minimum of seven years in progressive roles within Cyber Security for a large global organization
  • At least 5 years specializing in some combination of Threat Hunting, Live Forensics, or Incident Response; prefer to have most of that time spent practicing Threat Hunting, IR, or Live Forensics and discovering unmitigated APT activity and identifying additional TTPs
  • At least 1 well known Cyber security Industry Certification, Intermediate level or higher is preferred
  • MITRE ATT&CK familiarity, preferred


Also preferred:



  • CISSP, OSCP, and Threat Hunting specific certifications (e.g. eCTHP, FOR608, etc.)
  • Splunk, QRadar, Microsoft Defender for Endpoint, Velociraptor experience
  • Python, PowerShell, Bash scripting experience
  • Detection engineering experience, Yara, Snort, etc.
  • Bachelor's Degree or higher
  • Offensive Security experience
  • Purple Team Experience
  • CTF experience



Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

If you have a disability that requires a reasonable accommodation to search for a job opening or submit an application, please email with your request and contact information.

Salary and Other Compensation:

The annual salary for this position is between $137,777 - $176,094 depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:



  • Medical/Dental/Vision/Life Insurance
  • Paid holidays plus Paid Time Off
  • 401(k) plan and contributions
  • Long-term/Short-term Disability
  • Paid Parental Leave
  • Employee Stock Purchase Plan


Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.

Employee Status : Full Time Employee

Shift : Day Job

Travel : No

Job Posting : Mar 01 2023

About Cognizant

Cognizant (Nasdaq-100: CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 185 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at or follow us

Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.

