Senior Hunt & Response Analyst

at Huntress
  • $108k-$117k
  • Remote - Australia

Remote

Cybersecurity

Senior

Job description

Reports to: Manager, Hunt & Response

Location: Remote Australia

Compensation Range: $175,000 to $190,000 AUD base plus bonus and equity

What We Do:

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Whether creating purpose-built security solutions, hunting down hackers, or impacting our community, our people go above and beyond to change the security game and make a real difference.

Founded in 2015 by former NSA cyber operators, Huntress protects all businesses—not just the 1%—with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application. The Huntress difference is our One Team advantage: our technology is designed with our industry-defining Security Operations Center (SOC) in mind and is never separated from our service.

We protect 3M+ endpoints and 1M+ identities worldwide, elevating under-resourced IT teams with protection that works as hard as they do. As long as hackers keep hacking, Huntress keeps hunting.

What You’ll Do:

The Huntress Global Hunting & Response team has the unique honor of waking up every morning knowing we will be kicking out threat actors. This team sits alongside our 24x7 Security Operations Center team. It is a skilled team of individuals who review lower confidence signals and manage tactical incident response scenarios to aid customers out of critical intrusions.

Members of this team will get to allocate their time across Hunting efforts and Response efforts. While in Hunting mode, you will get to research new attacker tradecraft, test new theories, and review hunting data at scale for millions of endpoints. While the SOC is responding to alerts within minutes, this team is developing detections and reviewing more ambiguous signs of attacker activity on a daily & weekly basis.

In the Response side of the role, you will get to flex your incident response and forensics skills. When customers are experiencing the worst incidents of their lives, this team will step in to answer questions core to understanding the cause of an attack, the high-level activities of the attacker once in the environment, and providing remediation actions and recommendations which will help reduce or eliminate this threat occurring again in their environment.

If you love Threat Hunting, Incident Response, and Detection Engineering while in the environment and energy of a SOC, this is the role for you!

Responsibilities:

  • Perform a cadenced review of hunting data to identify compromises not found during standard SOC workflows
  • Research, develop, and test new hunting hypotheses in the form of new detections or analytics
  • Lead or support tactical incident response engagements for customers who already utilize Huntress MDR. Perform live analysis on systems to determine the root cause of an intrusion, and craft reports that summarize the intrusion with next steps to be taken
  • Perform regular rotations in the SOC to stay current and familiar with SOC day-to-day workflows
  • Perform intermediate malware analysis as part of hunting and response efforts
  • Perform OSINT as part of hunting and response efforts
  • Contribute to content creation efforts such as blogs, videos, podcasts, and webinars
  • Contribute back to community-driven projects and frameworks such as MITRE ATT&CK, HijackLIbs, and the LOLBAS Project.
  • Speak with customers to explain or summarize findings from investigations

What You Bring To The Team:

  • 3-5 years working in one or more of the following: SOC, MDR, Threat Hunting, or Incident Response role
  • Experience leading or participating in Incident Response engagements for external customers
  • Experience with tools such as osquery, Velociraptor, or leveraging EDRs to perform forensic artifact analysis on systems
  • Confident command of forensic tools - such as Ericzimmerman’s EZ tools, RegRipper, Hayabusa, or Chainsaw - and forensic artifacts - such as prefetch, jumplists, shellbags, and more
  • Deep understanding of offensive security tradecraft, particularly persistence, lateral movement, credential theft, and remote access.
  • Confidently able to track threat actors across an organization and timeline the activity
  • Strong familiarity with one or more detection languages such as Sigma, Suricata, Snort, or Yara
  • Familiarity with OSINT sources and how they can help answer questions relating to threat actor activity and infrastructure.
  • Strong familiarity with various query languages such as KQL, EQL, ES|QL, Splunk SPL
  • Intermediate malware analysis skills
  • Intermediate knowledge of Windows internals
  • Intermediate knowledge of Linux and MacOS internals a bonus
  • Strong understanding of the current threat landscape, initial access brokers, and ransomware actors.
  • Passionate and involved with the community through blogs, social media, conferences, etc
  • Experience with scripting (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby)
  • Demonstrable experience providing written and/or verbal customer-facing deliverables
  • Experience with detection and response in cloud environments such as Microsoft M365/Azure
  • Comfortable using Git to contribute to internal projects

What We Offer:

  • Fully remote work
  • 1-2 trips to the US annually for events such as Sales Kick-Off and Summer Summit!
  • New starter home office set up reimbursement ($800 AUD)
  • Generous personal leave entitlements
  • Digital monthly reimbursement ($185 AUD)
  • Superannuation
  • Healthcare Benefits
  • Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

People from all culturally diverse backgrounds, including Aboriginal & Torres Strait Islander Peoples, are encouraged to apply.

We do discriminate against hackers who try to exploit small businesses.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or any pre-employment testing or participate in the employee selection process, please direct your inquiries to [email protected] . Please note that non-accommodation requests to this inbox will not receive a response.

If you have any questions about your personal data privacy at Huntress, please visit our privacy page .

Share this job:
Please let Huntress know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Huntress

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply