Threat Hunting Analyst

Capgemini
Langreo, Spain
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
€ 50K

Job location

Langreo, Spain

Tech stack

Data analysis
Computer Security
Network Security
Security Information and Event Management
Data Logging
MITRE ATT&CK
Cyber Threat Analysis
Cybercrime

Job description

Capgemini in Asturias seeks a dedicated Threat Hunting Analyst to proactively identify and mitigate cyber threats within organizational environments. The ideal candidate will possess over 18 months of experience in cybersecurity operations and must be adept at analyzing logs for hidden threats and collaborating with various teams to strengthen the overall security posture.

This role emphasizes human intuition and proactive methodologies to ensure safety against advanced persistent threats. Join us to contribute to a more secure and inclusive digital world.

  • Conduct threat hunts to identify malicious activity.
  • Develop hypothesis-driven hunts based on TTPs.
  • Analyse logs to detect indicators of compromise.
  • Investigate credential misuse and lateral movement.
  • Correlate data to validate potential threats.
  • Identify emerging attacker behaviours.

Skills

  • Cybersecurity operations experience
  • Malicious activity detection
  • Data analysis
  • Incident response support

Job description

A dedicated and detail-oriented Threat Hunting Analyst with over 18 months of experience in cybersecurity operations, specializing in proactively looking for signs of attackers inside an organization's environment, before alerts, incidents, or damage occur. Unlike traditional security roles that react to alarms, threat hunters assume compromise and actively search for hidden or stealthy threats.

  • Proactively conduct threat hunts to identify malicious activity that bypassed automated detections, reducing attacker dwell time.
  • Develop hypothesis-driven hunts based on adversary tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK framework.
  • Analyse endpoint, network, authentication, and log telemetry to detect indicators of compromise (IOCs) and anomalous behaviour.
  • Investigate suspicious activity involving credential misuse, lateral movement, persistence mechanisms, and living-off-the-land techniques.
  • Correlate data across SIEM, EDR/XDR, and network security tools to validate potential threats and scope impact.
  • Leverage threat intelligence reports and internal telemetry to identify emerging attacker behaviours relevant to the environment.
  • Escalate confirmed malicious activity to incident response teams with detailed findings, timelines, and supporting evidence.
  • Support incident investigations by providing root cause analysis and attacker activity reconstruction.
  • Identify detection and logging gaps and collaborate with detection engineering teams to improve alert coverage and visibility.
  • Tune existing security detections to reduce false positives and improve signal quality.
  • Document hunt methodologies, findings, and lessons learned to enable repeatable and scalable threat hunting processes.
  • Collaborate with SOC analysts, incident responders, and infrastructure teams to improve overall security posture.

Requirements

  • Over 18 months of experience in cybersecurity operations.
  • Ability to proactively search for hidden threats.
  • Knowledge of MITRE ATT&CK framework.

About the company

Capgemini is one of the world's leading providers of management and IT consulting, technology services and digital transformation. As a pioneer of innovation, the company supports its clients in addressing their complex challenges around cloud, digital and platforms.
