Cybersecurity Threat Hunter

**Position**: Cybersecurity Threat Hunter (Intermediate/Senior)
**Datacom Location**: Auckland Preferred for Intermediates, Anywhere in NZ for Seniors.
Our Why
Datacom works with organisations and communities across Australia and New Zealand to make a difference in people’s lives and help organisations use the power of tech to innovate and grow.
Datacom Cybersecurity Defence Operations Centre (CDOC) operates out of three locations Wellington, Auckland, and Brisbane from where we provide a full stack of Cybersecurity services including managed SOC/SIEM/EDR.
We partner with industry leaders to provide our services and to provide you with a broad technical skillset, certifications, and experience.
About The Role (Your Why)
We are currently looking for a highly skilled and motivated individual to join our Cybersecurity Incident Response Team (“CSIRT”) as a Cybersecurity Threat Hunter. CSIRT is a specialist function of CDOC who provide proactive and reactive expertise for major cybersecurity incidents. In this role, you will proactively identify and neutralise potential cyber threats in Datacom as well as its customer’s environments. Your expertise in cyber security, data analysis, and threat intelligence will be crucial in detecting and responding to emerging threats.
As per the job title, we are keen to speak to Intermediate or Senior Threat Hunters and the final position title will be discussed with the successful applicant, so whether you are a seasoned Threat Hunter with DFIR or Senior SOC experience or someone on your way to becoming such a person, you will be considered for this role.
- Important Note *

Due to the nature of the clients you will be working with you will need to be a current NZ Citizen/Permanent Resident and have the ability to pass additional security clearances which will require you to have lived in a five-eyes country for the last 5 years. We do however consider work visas for other opportunities across Datacom so please keep an eye on our careers page for any roles of interest.
What You’ll Do
As a Cybersecurity Threat Hunter, your primary responsibility will be to develop and execute threat hunt missions to locate and respond to previously undetected adversary activities.
You will actively participate in investigations focused on threat actors, help Senior Analysts create new detection methodologies, and provide expert support to incident response functions.
The main focus of your role will be to detect, disrupt, and eradicate the presence of threat actors from enterprise networks. To accomplish this mission, you will utilise data analysis, threat intelligence, and state-of-the-art security technologies.

**Responsibilities**:

- Proactively analyse logs, network traffic, system behaviour, and relevant data sources to identify potential cyber threats.
- Conduct thorough investigations into major security incidents, determining root causes, impact, and mitigation strategies. Providing expertise and support to contain, eradicate, and recover from such security incidents.
- Undertake proactive incident response consulting engagements such as developing incident response plans/playbooks and facilitating cybersecurity tabletop exercises or post incident reviews for our customers and internal teams.
- Develop and implement advanced analytics and detection techniques to enhance threat hunting capabilities and improve overall security posture.
- Stay updated on the latest cyber threats, vulnerabilities, and industry trends to enhance threat hunting methodologies and stay ahead of potential attacks.
- Design and execute proactive hunting strategies, utilising manual and automated techniques, to identify security weaknesses and indicators of compromise.
- Generate detailed hunt reports and documentation on findings, investigations, and remediation recommendations, ensuring accurate and timely communication. Brief customer stakeholders on findings, including recommendations to improve security controls and posture.
- Maintain up-to-date analysis and hunting frameworks, document findings, and create threat models and tactics to support hunt hypotheses and assess data requirements.
- Collaborate with CDOC’s Threat Intelligence team to analyse threat intelligence reports, security alerts, and other data sources to identify indicators of compromise and potential malicious activities.
- Collaborate with the CDOC Security Operations team to develop use cases covering new threat actor tactics, techniques, and procedures (“TTPs”) to optimise future detection and alerting.
- Participate in an on-call roster for major incident response.
- Occasional planned or last-minute/urgent travel to customer sites may be required for certain customer facing engagements. This may include a customer site in your home city, or travel to other customer sites within Australia and New Zealand.

What You’ll Bring
- The mindset of a hunter We are looking for someone who loves the chase and thrill of searc