Cnsltng Dir, Threat Hunter

CNA

Job Location:

Chicago, IL - USA

Yearly Salary: $ 97000 - 189000

Posted on: 10 hours ago

Vacancies: 1 Vacancy

Job Summary

You have a clear vision of where your career can go. And we have the leadership to help you get there.At CNA we strive to create a culture in which people know they matter and are part of something important ensuring the abilities of all employees are used to their fullest potential.

Threat Hunter Consulting Director is a senior-level individual contributor focused on proactively searching adversarial activity in the network with the goal of discovering threats prior to an adversary completing its mission. This role utilizes advanced skills to perform enterprise forensics including operating system artifact analysis log analysis network traffic analysis and the MITRE ATT&CK framework. This position is responsible for developing innovative and creative detection tactics and techniques that protect client data and corporate assets from diverse threats. The role is a key member of a highly technical team operating in a rapidly changing environment.

JOB DESCRIPTION:

Essential Duties & Responsibilities

Performs a combination of duties in accordance with departmental guidelines:

Leads and conducts real-time and historical analysis using the full security suite including Endpoint Protection SIEM Firewall EDR IDS Email Gateway Web Content Filtering and Identity Management technologies.

Conducts incident response triage analysis on suspected hosts todeterminepotential attacks and scope.

Conducts threat hunting operations based on the latest threat intelligence.

Creates strategies for enterprise-wide hunts based on triage findings and intelligence efforts.

Maintains awareness of emerging attack tactics techniques and procedures.

Collaborates with SOC Threat Intelligence Incident Response and Enterprise Security teams.

Identifiesvisibility gaps and recommends improvements.

Manages day-to-day SOC monitoring investigations response and intelligence activities.

Coordinates escalation for advanced forensics and malware reverse engineering.

Communicates security incidents clearly to business and non-technical stakeholders.

May perform additional duties as assigned.

Reporting Relationship

Typically AVP or above

Skills Knowledge & Abilities

In-depth knowledge of SIEM IDS/IPS web proxies DLP CASB DNS security DDoS protection and firewalls.

Advanced experience with forensic tools for OS artifact memory and network analysis.

Strong understanding of malware reverse engineering principles and network protocols.

Demonstrated ability to build execute and lead enterprise threat hunting programs.

Ability to work collaboratively in high-pressure incident response environments.

Demonstrated ability to apply artificial intelligence and machine-learning techniques to threat hunting including use of LLMs UEBA and statistical models to surface anomalous behavior enrich low-signal telemetry and accelerate hypothesis-driven hunts across large enterprise datasets.

Experience evaluating tuning and operationalizing AI-enabled security capabilities (e.g. AI-assisted SIEM EDR/XDR and detection engineering workflows) with an understanding of model limitations bias false-positive risk and the need for analytically defensible outcomes suitable for executive legal and regulatory review.

Education & Experience

Bachelors degree in Computer Scienceor related discipline or equivalent experience.

Typicallya minimum of 10years of experience in cyber monitoring threat hunting incident response forensics or related disciplines.

#LI-KJ1 #LI-HYBRID

In certain jurisdictions CNA is legally required to include a reasonable estimate of the compensation for this District of Columbia California Colorado Connecticut Illinois Maryland Massachusetts New York and Washington the national base pay range for this job level is $97000 to $189000 determinations are based on various factors including but not limited to relevant work experience skills certifications and location. CNA offers a comprehensive and competitive benefits package to help our employees and their family members achieve their physical financial emotional and social wellbeing goals. For a detailed look at CNAs benefits please visit.

CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation please contact.

JOB DESCRIPTION:

Essential Duties & Responsibilities

Performs a combination of duties in accordance with departmental guidelines:

Leads and conducts real-time and historical analysis using the full security suite including Endpoint Protection SIEM Firewall EDR IDS Email Gateway Web Content Filtering and Identity Management technologies.

Conducts incident response triage analysis on suspected hosts todeterminepotential attacks and scope.

Conducts threat hunting operations based on the latest threat intelligence.

Creates strategies for enterprise-wide hunts based on triage findings and intelligence efforts.

Maintains awareness of emerging attack tactics techniques and procedures.

Collaborates with SOC Threat Intelligence Incident Response and Enterprise Security teams.

Identifiesvisibility gaps and recommends improvements.

Manages day-to-day SOC monitoring investigations response and intelligence activities.

Coordinates escalation for advanced forensics and malware reverse engineering.

Communicates security incidents clearly to business and non-technical stakeholders.

May perform additional duties as assigned.

Reporting Relationship

Typically AVP or above

Skills Knowledge & Abilities

In-depth knowledge of SIEM IDS/IPS web proxies DLP CASB DNS security DDoS protection and firewalls.

Advanced experience with forensic tools for OS artifact memory and network analysis.

Strong understanding of malware reverse engineering principles and network protocols.

Demonstrated ability to build execute and lead enterprise threat hunting programs.

Ability to work collaboratively in high-pressure incident response environments.

Demonstrated ability to apply artificial intelligence and machine-learning techniques to threat hunting including use of LLMs UEBA and statistical models to surface anomalous behavior enrich low-signal telemetry and accelerate hypothesis-driven hunts across large enterprise datasets.

Experience evaluating tuning and operationalizing AI-enabled security capabilities (e.g. AI-assisted SIEM EDR/XDR and detection engineering workflows) with an understanding of model limitations bias false-positive risk and the need for analytically defensible outcomes suitable for executive legal and regulatory review.

Education & Experience

Bachelors degree in Computer Scienceor related discipline or equivalent experience.

Typicallya minimum of 10years of experience in cyber monitoring threat hunting incident response forensics or related disciplines.

#LI-KJ1 #LI-HYBRID

CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation please contact.

Apply Now

About Company

CNA

CNA provides insurance solutions to more than 1 million businesses and professionals worldwide. With more than 100 years of industry experience, CNA has earned a reputation as one of the most trusted commercial insurance companies in the business. We’re a powerful legacy built on expe ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click