10076807-WD Threat Hunter, VP

Job Summary

In this role you will focus on proactively hunting for threat actor’s tactics, techniques, procedures, and behaviors based on Threat Intelligence and formed hypotheses. You will use your knowledge of networking, operating systems, SIEM, EDR and threat hunting tools to find adversaries, identify gaps in detection and cyber hygiene, and recommend improvements to detection rules. You will assist in incident response with threat actor behavior, IoC based hunting, and track and measure the value of threat hunting activity

.

You will work closely with a highly skilled team of individuals globally, collaborating across lines of defense, businesses, and technology teams disseminating threat hunting activity and risk mitigation results.

This is a 24/7 Cybersecurity Operations organization so you may be occasionally required to perform threat hunting work after hours or on weekends in support of a cyber incident or other threat related requirement

Major Responsibilities

• Perform threat hunts using SIEM, EDR and Threat Hunting Tools, based on threat intelligence, threat actor TTPs and IOCs, and Threat Hunting hypotheses.
• Weekly/Monthly tracking and reporting of Threat Hunting activity, progress, metrics
• Threat Hunting supporting incident response.
• Serve as backup and rotation for Threat and Vulnerability Intelligence functions
• Support audit and regulatory exams
• Administer tools and platforms and related technologies to support Threat Hunting
• Document and maintain processes and procedures
• Presentations to stakeholders and senior leaders

Qualifications

• 6+ years of prior Threat Hunting or Incident Response experience
• Proficiency in Python, PowerShell, or Bash for automation, data parsing, and custom tooling.
• Experience writing detection logic using SIGMA, YARA, Splunk SPL, or KQL.
• Ability to develop and maintain scripts for threat hunting workflows and incident response
• Experience using and building AI platforms/agents to automated and build efficiencies
• Experience with Threat or Vulnerability intelligence, assessment, management a plus.
• Knowledge of industry standards and frameworks such as NIST, MITRE ATT&CK, TAHITI, PEAK
• Knowledge of SIEM, EDR, Networking, Operating Systems, and Scripting Languages.
• Knowledge of AI agents auto create.
• 6+ years overall experience working in a global organization
• Minimum of 6 years working directly in Cybersecurity Operations
• Experience working within the Financial Services Industry preferred
• Relevant technical and industry certifications a plus such as CISSP, ISSMP, SANS, GCIA, CISM, EnCE, CEH, GCFA, GCFE, GCIH, or GSEC

Education

:•Bachelor's degree in Computer Science or a closely-related discipline, or an equivalent combination of formal education and experience

Visa sponsorship/support is based on business needs. We do not anticipate providing visa sponsorship/support for this position

The typical base pay range for this role is as follows depending on job-related knowledge, skills, experience and location.

• New York / New Jersey: $123k – 194K

This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation.

Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.

For more information on our Total Rewards package, please click the link below.

Our hybrid work schedule is four days on-site and work remotely one day per week.

MUFG Benefits Summary