Threat Hunter/Security Tester Description
Job #: 86426
Selected by Newsweek as a 2021 and 2022 Most Loved Workplace, EPAM's global multi-disciplinary teams serve customers in more than 50 countries across six continents. As a recognized leader, EPAM is listed among the top 15 companies in Information Technology Services on the Fortune 1000 and ranked four times as the top IT services company on Fortune's 100 Fastest Growing Companies list. EPAM is also listed among Ad Age's top 25 World's Largest Agency Companies for three consecutive years, and Consulting Magazine named EPAM Continuum a top 20 Fastest Growing Firm.
Learn more at www.epam.com and follow EPAM on Twitter and LinkedIn.
Do you have an investigator's mindset, and intuitively know how to uncover malicious activity? Do you have a deep understanding of computer operating systems and the realities of enterprise IT estates? Do you like data? In this role you will be responsible for analyzing and correlating large data sets to uncover novel threats and attack techniques that may be present within our client's environment.
You will be working as a Threat Tester for the Threat Hunting team, which sits within the Insider Threat function of our client, located in Zürich. The team is charged with hunting for unknown and undetected threats and responding to incidents when they are identified.
Threat hunting analysts are located in the major centers of Zürich, New Jersey, Singapore and Israel, but examine data from our offices all over the world (with some exceptions).
We are refining and building cutting-edge capabilities to deliver a world-class Threat Hunting service.
- Analyzing and correlating large data sets to uncover novel threats and attack techniques, processing and manipulating data in a variety of platforms and formats
- Interpreting structured and unstructured intelligence to determine what is critical for meeting your detection objectives
- Contributing to the production of tactical, operational and/or strategic cyber threat intelligence assessments
- Identifying attacker techniques and responding to incidents
- Assisting incident response teams with major incidents as required
- 6+ years’ experience with Threat Hunting or Incident Response, which enables you to recognize malicious activity within a sea of noise
- Deep knowledge of digital forensics, computer operating systems and enterprise network infrastructure
- Strong knowledge of malware and exploits
- Experience with offensive security tools and attack techniques
- Competence with one or more programming/query languages - experience with Python, PowerShell and SQL is preferred
- A strong understanding of how to make sense of security and forensic data
- Experience working with large data sets and tools/technologies such as Spark, PySpark, Pandas, Hadoop, Cloudera, Databricks
- A bachelor's degree, preferably within an Information Security related discipline, or equivalent experience
- Experience with Cloud environments, preferably Azure
- Incident response experience and an understanding of how EDR tools work behind the user interface
- Initiative and creative thinking to achieve solutions to complex problems
- A team-player personality with strong communication skills and ability to mentor junior colleagues
- Competitive compensation depending on experience and skills
- Knowledge-sharing across EPAM's global Tech Communities
- Unlimited access to LinkedIn learning solutions
- Relocation support as per EPAM relocation policies
- EPAM Community with regular corporate and social events
- Career growth, performance and compensation reviews
- EPAM Employee Stock Purchase Plan (ESPP) (subject to certain eligibility requirements)
- Please note that any offers will be subject to appropriate background checks
- We do not accept CVs from recruiting or staffing agencies
- For this position, we are able to consider applications from the following:
- Swiss nationals
- EU/EFTA nationals
- Third-country nationals based in Switzerland with an appropriate work permit
- Displaced people from Ukraine who are currently in Switzerland and hold, or have already applied