
Information Security Analyst III

HAPO Community Credit Union

Contract

Richland, WA

Job description

Securance Consulting is a national cybersecurity consulting firm that helps private and public-sector organizations manage technology risks and threats, improve their security defenses, and achieve regulatory compliance. We are looking for a Tier 2 Security Analyst and Threat Hunter to support our client’s cybersecurity team in Houston, Texas. This is a full-time contract role that will require 40 hours a week of onsite work for an initial period of six months. The successful candidate may be offered a permanent full-time position after the initial evaluation period.

The Tier 2 Security Analyst and Threat Hunter will be responsible for deep-diving into security alerts, proactively hunting for advanced threats using threat intelligence and indicators of compromise (IOCs), and coordinating containment and response efforts. This role will involve analyzing security data from various tools, developing hypotheses about potential threats, and documenting findings to improve security controls and defenses.

Responsibilities

  • In-depth Incident Analysis: Investigate security alerts escalated from Tier 1 analysts, performing deep-dive analysis to identify the scope, severity, and root cause of threats.
  • Threat Hunting: Proactively search for signs of compromise or malicious activity within the network that may have evaded initial security defenses. This includes analyzing data to identify anomalies and formulating hypotheses about potential threats.
  • Threat Intelligence and IOCs: Leverage threat intelligence feeds, IOCs, and other data sources to inform threat hunting activities and incident investigations.
  • Security Tool Management: Tune and configure security monitoring tools like security information and event management (SIEM), intrusion detection and prevention systems (IDS/IPS), and endpoint detection and response (EDR) to reduce false positives and improve detection accuracy by adjusting thresholds and correlation rules.
  • Response and Containment: Participate in incident response activities, including containing and mitigating threats, and work with other teams to develop and implement remediation plans.
  • Threat Hunting Frameworks: Apply threat hunting methodologies such as MITRE ATT&CK, the Diamond Model, or the Cyber Kill Chain to structure hunts and analyze findings.
  • Documentation and Reporting: Maintain detailed documentation of investigations, findings, and actions taken. Create and present reports on threat trends and the effectiveness of security controls.
  • Improvement: Recommend improvements to security controls, detection rules, and overall security posture based on analysis and threat hunting findings.
  • Automation: Develop and use scripts (e.g., Python, PowerShell, Bash) to automate repetitive tasks and improve the efficiency of threat hunting and incident response.

Required Skills and Qualifications

  • Strong understanding of security principles, networks, and operating systems.
  • Experience with security tools like SIEM, IDS/IPS, and EDR solutions.
  • Familiarity with threat intelligence platforms and IOC analysis.
  • Experience with programming or scripting languages like Python, PowerShell, or Bash.
  • Critical thinking and problem-solving abilities to analyze complex data and identify hidden threats.
  • Strong verbal and written communication skills for documenting findings and communicating with technical and non-technical stakeholders.
  • Ability to work under pressure and make decisions quickly during incidents.
  • Strong collaboration skills to work effectively with other security teams.
  • Adaptability to learn new tools, techniques, and emerging threats quickly.

Education and Experience

  • Associate’s degree in Computer Science, Management and Information Systems, Business, or a related field. Equivalent experience or technical certifications may be substituted for an Associate's degree.
  • Previous experience in a SOC analyst role, particularly with incident response and analysis.
  • Experience with threat intelligence or threat hunting is highly desirable.
  • Experience in law enforcement is highly desirable.
  • At least two years of experience in IT security, or supporting security aspects of IT infrastructure or applications teams.
  • One or more professional certifications, such as CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+), or GIAC Security Essentials (GSEC).

Job Type: Contract

Pay: $70,000.00 - $110,000.00 per year

Application Question(s):

  • Are you a United States citizen?

Location:

  • Houston, TX 77002 (Required)

Ability to Commute:

  • Houston, TX 77002 (Required)

Work Location: In person