Analyst (Data / Business / Application)

Lead Analyst, Threat Hunter

Position summary:
As a Threat Hunter you will be responsible for continuously detecting, analyzing, and combating advanced threats, detecting vulnerabilities, and mitigating the associated cybersecurity risk before it affects Stryker data and assets.
The Threat Hunter will also be responsible for testing tactics, techniques and procedures for the protection of Stryker data. The Information Security Threat Hunter will be a team-oriented, results-oriented, multidisciplinary individual who is passionate about assessing and improving the security of diverse and complex systems according to industry regulations and the information security governance framework.

Essential duties & responsibilities:

  • Conducts "hunt missions" of Stryker assets and infrastructure using threat intelligence, analysis of anomalous log data, and results of brainstorming sessions to detect and eradicate the threat.
  • Hunts for and identifies threat actor groups and their techniques, tools, and processes and determines if those groups are active inside of Stryker.
  • Explores and integrates new cybersecurity hunting tools, processes, and capabilities.
  • Contributes to the tuning and development of security information and event management (SIEM) use cases and other security control configurations to enhance threat detection capabilities.
  • On request, helps investigate events of interest identified during threat hunt activities or security alerts received from various security technologies.
  • Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response, and mitigation strategies used in Cybersecurity operations.
  • Perform risk analysis, attack simulation, application-level automated & manual Ethical Hacking based on commonly used hacker attack methods.
  • Develop comprehensive and accurate metrics, reports, and presentations for both technical and executive audiences.
  • Effectively communicate findings and strategy to customer stakeholders, including technical staff, executive leadership, and legal counsel.
  • Collaborate with Security Operations Centers, IS Service Desk, and IS Deskside resources as needed.
  • Acts as Build Lead on system or tool deployments related to threat hunting.
  • Identify and track threat actor groups, their techniques, tools, and procedures (TTP) while maintaining current knowledge of tools and best practices of Advanced Persistent Threats (APT).
  • Actively hunt for Indicators of Risk (IOR) and APT Tactics, Techniques, and Procedures (TTP) on Stryker's networks and endpoints.
  • Proactively drive threat hunting and analysis on behalf of Stryker.
  • Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure.
  • Make use of all available security tools to identify threats and determine the root cause, scope, and severity of each critical anomaly.
  • Report on findings and recommend system tuning/customization and data collection improvements.
  • Work with Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise.
  • Participate in Hunt missions using threat intelligence, analysis of anomalous log data, and results of brainstorming sessions to detect and eradicate threats.
  • Create new detections by developing advanced queries to detect threats, and respond to Red Team assessments by providing logic to improve detection.
  • Monitor open source threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs.
  • Create detailed Incident Reports, provide expert analytic investigative support, and contribute to lessons learned in collaboration with Stryker's CIRT team.
  • Develop and produce reports on all activities and incidents to help maintain day-to-day status, and to develop and report on trends.
  • Use the MITRE ATT&CK framework to analyze malicious campaigns and evaluate the effectiveness of security technologies.

Qualifications & experience:

  • BS in Computer Information Systems or equivalent.
  • One or more security certifications (e.g., CEH, CISSP, CISM, GIAC) required.
  • Experience: Minimum 5 years of IT experience.
  • Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques.
  • Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices.
  • Demonstrated experience with Windows and/or Unix/Linux operating systems, including command-line tasks and scripting.
  • Demonstrated technical experience with networking (e.g., data flows, architecture, protocols, traffic analysis, wireless, etc.).
  • Demonstrated experience performing Ethical Hacking of both web applications and their associated platforms (e.g., J2EE, .Net, Apache, IIS, WebSphere, etc.) and infrastructure elements (e.g., Windows/Linux operating systems, Oracle/SQL servers, firewalls, routers, switches, etc.).
  • Knowledge of common commercial and/or open-source vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases, and web servers.
  • Knowledge of threat modeling, development of attack plans, performing manual and automated Ethical Hacking, and developing proof-of-concept exploits.
  • Experience working with security intelligence, data analytics, security incident response, and forensic investigation teams.
  • Red Team/Blue Team/Pen-Testing experience required.
  • Proven ability to partner with staff and managers in the Information Security and Information Services organizations.
  • Demonstrated ability to solve complex problems and identify Information Security solutions to challenging business problems.