Senior Threat Hunter & Incident Responder

Company: Webstaurant Store, Inc.

Location: Lititz, PA 17543

Description:

Job Summary

As the largest online distributor of restaurant supplies and equipment, WebstaurantStore, a Clark Associates company, hosts an expansive catalogue with over 430,000 products that are delivered through fast, dependable shipping, making us the internet's largest restaurant supplier. Our CAST (Clark Associates Security Team) is committed to maintaining the highest standards of security and integrity in all our applications and systems.

We are seeking an experienced senior security professional to fill our opening for a Senior Threat Hunter & Incident Responder. In this role, you will assist with building out our threat hunting program as we seek to proactively identify cyber threats that may evade our traditional automated detection methods. Additionally, you will assist in maturing the organization's incident response capabilities through playbook creation & refinement. As necessary, this role will also facilitate incident response efforts from detection through recovery. Individuals interested in playing an active role in shaping the organization's threat detection & response activities are encouraged to apply.
Remote Work Qualifications
  • Access to a reliable and secure high-speed internet connection. Cable or fiber internet connections (at least 75 Mbps download/10 Mbps upload) are preferred, as satellite connections often cannot support the technologies used to perform day-to-day tasks.
  • Access to a home router and modem.
  • A dedicated home office space that is noise- and distraction-free. The space should have a strong wireless connection or a wired Ethernet connection (a wired connection is preferred, if possible).
  • A valid, physical address (apartment, suite, etc.). PO Boxes are not supported, as a physical address is required for you to receive your computer equipment.
  • The desire and ability to work and communicate with other team members via chat, webcam, etc.
  • Legal residents of one of the following states: (AK, AL, AR, AZ, CT, DE, FL, GA, IA, ID, IN, KS, KY, LA, MD, ME, MI, MN, MO, MS, NC, ND, NH, NM, NV, OH, OK, PA, SC, SD, TN, TX, UT, VA, VT, WI, WV, and WY).
Responsibilities
  • Real-Time Monitoring: Actively monitor SIEM, IDS/IPS, and EDR tools to detect potential security incidents.
  • Proactive Threat Identification: Conduct threat-hunting activities to identify threats that may have bypassed existing security controls, using a combination of manual analysis and automated tools.
  • Data Analysis: Analyze large datasets from SIEM, EDR, network traffic, and other sources to identify patterns indicative of malicious activity or make recommendations for tool improvement.
  • Threat Intelligence Integration: Leverage threat intelligence feeds to inform hunting activities and stay up-to-date on the latest adversarial tactics, techniques, and procedures (TTPs).
  • Incident Analysis: Analyze malicious code, network traffic, and system logs to identify the root cause of incidents, potential vulnerabilities, and Indicators of Compromise (IoCs).
  • Documentation: Create detailed incident reports, including root cause analysis, mitigation actions, and lessons learned, ensuring thorough documentation for future reference.
  • Continuous Improvement: Stay informed about emerging threats, frameworks, and best practices to advocate for proactive strategies and controls. Regularly evaluate the organization's threat landscape & incident response protocols to recommend improvements or additions to defense preparations.
Physical Requirements
  • Work is performed while sitting/standing and interfacing with a personal computer.
  • Requires the ability to communicate effectively using speech, vision, and hearing.
  • Requires the regular use of hands for simple grasping and fine manipulations.
  • Requires occasional bending, squatting, crawling, climbing, and reaching.
  • Requires the ability to occasionally lift, carry, push, or pull medium weights, up to 50 lbs.
Qualifications
Experience
  • Minimum 5 years of experience in SOC, Security Analyst, or Security Engineer roles.
  • Strong knowledge of MITRE ATT&CK, threat intelligence feeds, and industry best practices (e.g., NIST Cybersecurity Framework, ISO/IEC 27001).
  • Hands-on experience operating SIEM, EDR, and IDS/IPS solutions.
  • Excellent communication, organizational, and time management skills.
  • Relevant certifications preferred: GIAC Threat Intelligence Analyst (GTHA), GIAC Certified Incident Analyst (GCIA), Certified Information Systems Security Professional (CISSP), or related incident response & threat hunting credentials.
Education
  • Bachelor's degree in Information Security, Information Technology, Computer Science, or a related field (or equivalent experience).
Desired Traits
  • Effective Communication: Adept in presenting threat & incident status to executive leadership, translating technical threats into business risks and implications.
  • Technical Expertise: Expert in conducting root cause analysis, identifying systemic vulnerabilities, and implementing preventative measures.
  • Industry Knowledge: Deep understanding of cybersecurity frameworks and threat landscapes, with the ability to adapt response tactics based on evolving threats.
  • Time and Priority Management: Ability to effectively lead multiple complex threat hunting operations & high-priority incident responses simultaneously.
  • Leadership: Takes on a strategic role in developing the organization's threat-hunting and incident response programs.