Cybersecurity Threat Hunter

Job Location: San Jose, CA - USA

Monthly Salary: Not Disclosed

Vacancy: 1

Job Description

Are you ready to make an impact?

West Monroe isn't a start-up firm, but we act like one.

From day one, our people have the opportunity to make a definitive personal impact for their clients and their careers. What does this mean? It means we seek out the best of the best, and then we challenge them to make us better.

If you are looking to be a behind-the-scenes technologist, this isn't the place for you. We celebrate driven professionals who thrive in a collaborative environment. We are a team of enthusiasts who are always focused on improving our execution and our clients' performance. Sound interesting? Then West Monroe Partners might be the place for you.

Think you're up to the challenge?

West Monroe is currently seeking a Cybersecurity Threat Hunter to proactively identify, analyze and mitigate advanced cyber threats targeting our organization. This role is integral to our security operations team, focusing on threat hunting, incident response, forensic investigations and recovery efforts to strengthen our cybersecurity resilience. The ideal candidate possesses a deep technical understanding of adversary tactics, techniques and procedures (TTPs), along with hands-on experience in cyber incident detection, containment and remediation.

Qualifications:

  • 5 years of experience in cybersecurity roles with a focus on threat hunting, incident response and forensic investigations.
  • Deep understanding of the cyber attack lifecycle, adversary behaviors and advanced threats (e.g. MITRE ATT&CK, Cyber Kill Chain).
  • Experience with SIEM (Splunk, Azure Sentinel), EDR (Cybereason, Microsoft Defender), SOAR and forensic tools.
  • Proficiency in log analysis, network traffic analysis (PCAP, NetFlow) and endpoint telemetry for threat detection.
  • Hands-on expertise in memory forensics, disk forensics, malware analysis and triage investigations.
  • Strong scripting and automation skills (Python, PowerShell, Bash, etc.).
  • Knowledge of cloud security principles (AWS, Azure, GCP) and cloud-native threat detection methodologies.
  • Ability to work under pressure and rapidly respond to high-severity security incidents.

Specific skills include but are not limited to the ability to:

Proactive Threat Hunting & Threat Intelligence

  • Conduct proactive threat hunting using SIEM, EDR and threat intelligence platforms to detect indicators of compromise (IOCs) and advanced persistent threats (APTs).
  • Develop custom detection rules and analytics based on MITRE ATT&CK TTPs and anomaly-based behaviors.
  • Identify gaps in security monitoring and work with SOC and engineering teams to improve detection capabilities.
  • Correlate threat intelligence with internal telemetry to identify emerging threats.

Incident Response & Recovery

  • Lead incident response investigations, including root cause analysis, containment, eradication and recovery of impacted systems.
  • Perform digital forensics and malware analysis to understand attack vectors and minimize dwell time.
  • Develop and maintain incident response playbooks forensic methodologies and breach response strategies.
  • Collaborate with cross-functional teams to ensure effective business recovery and resilience following security incidents.

Security Analytics & Automation

  • Leverage SIEM, SOAR and EDR/XDR solutions to correlate security events and streamline threat-hunting workflows.
  • Automate common investigative tasks to improve efficiency and reduce manual overhead.
  • Continuously assess and refine incident detection and response procedures to stay ahead of evolving threats.
  • Secure and monitor network protocols (e.g. DNS, HTTP, SMB) to identify abnormal traffic patterns.

Vulnerability & Risk Management

  • Work closely with vulnerability management teams internally, and with external MSSP partners, to identify and prioritize remediations based on real-world exploitability.
  • Assess and improve endpoint, network and cloud security configurations to mitigate security risks.

Collaboration & Reporting

  • Provide management-level briefings and technical reports on threat hunting findings, incidents and security trends.
  • Collaborate with MSSP security architects and SOC analysts to enhance defensive security strategies.
  • Participate in tabletop exercises, purple team engagements and post-mortem reviews to enhance incident response preparedness.

Education & Certification Requirements

Required Education:

  • Bachelor's degree in Cybersecurity, Computer Science, Information Security or a related field.
  • Equivalent work experience may be considered in lieu of a degree for highly qualified candidates.

Required Certifications (At least one):

  • GIAC Certifications: GCIH (Incident Handler), GCFA (Forensic Analyst), GNFA (Network Forensics), GREM (Reverse Engineering Malware) or GCIA (Intrusion Analyst).
  • Offensive Security Certifications: OSCP, CRTO, GPEN or similar.
  • Cloud Security Certifications: AWS Security Specialty, Azure Security Engineer or equivalent.

Preferred Certifications (Bonus):

  • CISSP, CISM or other industry-recognized security certifications.
  • CEH, CHFI or similar for additional forensic and ethical hacking expertise.

Based on pay transparency guidelines, the salary range for this role can vary. Information on our competitive total rewards package, including our bonus structure and benefits, is here. Individual salaries are determined by evaluating a variety of factors, including geography, experience, skills, education and internal equity. An estimated base salary for this role is below:

Other consultancies talk at you.
At West Monroe we work with you.

We're a global business and technology consulting firm, passionate about creating measurable value for our clients by delivering real-world solutions.

The combination of business and technology is not new, but how we bring them together is unique. We're fluent in both. We know that technology alone is not the answer, but how we apply it is. We rely on data to constantly adapt and solve new challenges. Actions that work today, with outcomes that generate value for years to come.

At West Monroe, we zero in on the heart of the opportunity, getting to results faster and preparing people for what's next.

You'll feel the difference in how we work. We show up personally. We're right there in the room with you, co-creating through the challenges. With West Monroe, collaboration isn't a lofty promise but a daily action. We work together with you to turn vision into clear action with lasting impact.

West Monroe is an Equal Employment Opportunity Employer
We believe in treating each employee and applicant for employment fairly and with dignity. We base our employment decisions on merit, experience and potential, without regard to race, color, national origin, sex, sexual orientation, gender identity, marital status, age, religion, disability, veteran status or any other characteristic prohibited by federal, state or local law. To learn more about diversity, equity and inclusion at West Monroe, visit
If you require a reasonable accommodation to participate in our recruiting process, please inquire by sending an email to .

Please review our current policy regarding use of generative artificial intelligence during the application process.

If you are based in California, we encourage you to read West Monroe's Notice at Collection for California residents, provided pursuant to the California Consumer Privacy Act (CCPA) and linked here.

Employment Type

Full Time
