Description
The Cyber Threat Hunting Principal Analyst sits within the Global Information and Cyber Security Defence (ICSD) function. In this critical role you will leverage your expertise to proactively detect, investigate and mitigate sophisticated external and insider threats. This is a hands-on role responsible for ensuring that proactive and reactive threat hunts are conducted.
The individual may have line-management responsibilities for analysts within the Cyber Threat Hunting and Forensics Team, will contribute to process and procedure, and will ensure best practice is followed to meet WTW requirements. They will be expected to grow and develop analysts and will be part of WTW's intelligence-led cyber defence strategy.
We are looking for a collaborative and passionate hands-on technical team player with brilliant coordination and communication skills who enjoys operating in a fast-paced environment. The successful candidate will be expected to build strong relationships with other ICSD teams, with partner teams and with wider business stakeholders to ensure success. They must be able to balance priorities and serve as an expert in providing technical analysis, assessment and mitigation recommendations for escalated security incidents where deep technical knowledge is required.
The individual will work as part of a global, multi-disciplined security community with strong support across the business, helping to foster a security-aware culture while ensuring WTW remains a great place to work. With WTW's large global footprint this role offers a fascinating range of work, and occasional global travel may be required.
The Role
The Cyber Threat Hunting and Forensic Team Principal Analyst will provide global threat hunting and forensic capability for WTW. Responsibilities of this role will include:
Global Threat Hunting
- Conduct threat-hunting operations to identify and mitigate potential threats before they can impact the organization.
- Develop and execute hypothesis-driven threat hunting techniques to uncover adversary tactics, techniques and procedures (TTPs).
- Deliver detailed threat analysis and reports to executive leadership and stakeholders.
- Provide actionable recommendations to enhance the organization's security posture.
- Develop and implement advanced log analysis and search capabilities to identify sophisticated external and insider threats.
- Investigate anomalies, correlate findings with threat intelligence and propose mitigation strategies.
- Perform targeted threat-hunting campaigns using adversary TTPs and insights from system telemetry and security data sources.
- Support incident investigations by providing detailed analysis and insights derived from threat-hunting operations.
- Share findings, analysis and recommendations with cross-functional teams to improve the overall security posture and incident response effectiveness.
- Contribute to the design and implementation of advanced threat detection methodologies, playbooks and automation processes to enhance hunting capabilities.
- Provide thought leadership and mentorship to junior analysts, fostering a continuous learning culture within the team.
- Analyze security trends and assess their impact on the organization, providing actionable insights to leadership.
- Serve as an escalation point during critical cybersecurity incidents, providing incident response, digital forensic analysis and malware assessment to support containment, eradication and recovery efforts.
- Conduct host and network forensics, log analysis and evidence collection for on-premises and cloud systems, ensuring proper chain of custody and documentation.
Qualifications
The Requirements
We are looking for a candidate for the Cyber Threat Hunting Principal Analyst role who has the following:
- A detail-oriented professional with a proactive mindset to stay ahead of emerging threats.
- A team player who thrives in a collaborative environment and can navigate complex challenges effectively.
- Someone passionate about making a tangible impact on WTW's cybersecurity resilience.
- Extensive experience in cyber threat hunting, security incident response and digital forensics in fast-paced global environments.
- Proven ability to mentor and coach analysts, fostering skill development and career growth.
- Strong problem-solving and analytical skills, with the ability to influence stakeholders and drive effective decision-making.
- Expertise in adversarial tactics, techniques and procedures (TTPs), the MITRE ATT&CK framework, the cyber kill chain and hacking/post-exploitation tools.
- Proficiency in interpreting and querying diverse log types (e.g. Windows Event, web server and firewall logs) and conducting threat hunts within SIEM and EDR tools.
- Knowledge of forensic methodologies, open-source tooling and cloud security, including incident response in cloud environments.
- Experience delivering technical presentations and reports to both technical and non-technical audiences.
- Familiarity with scripting and query languages such as Python, PowerShell and KQL, with a functional understanding of programming concepts.
- Industry-recognized certifications in cyber incident response, forensics or malware analysis are a plus.
- Strong communication, collaboration and interpersonal skills to effectively convey security and risk concepts across diverse audiences.
Location: Spain, Portugal or Poland.
The Application Process
- Stage 1: Online application and recruiter review
- Stage 2: Phone or video interview with the recruiter
- Stage 3: Live video interview with hiring manager and team
- Stage 4: Live video interview with a member of the team
- Stage 5: Offer and onboarding
We're committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email.