SOC Threat Hunter

Who is BTO Research? 🌍

BTO Research is a consulting firm, part of the Relatech Group, that has been supporting its clients in innovative projects for over 15 years, ensuring a customized approach to meet market challenges.

Founded in 2008, we have gathered and enhanced the historical experience of consulting to which we have added two key elements: research and innovation.

This journey has led us to a team of over 300 professionals across four countries, with numerous projects and the most cutting-edge knowledge in Project Management, Digital Transformation, Change Management, Cybersecurity and Digital Marketing.

We believe in the value of excellence and promote an environment where people can grow together, thanks to the contamination between different skills.

Are you eager to bring your experience and knowledge as SOC Threat Hunter into one of our client?

Your role 💼

We are looking for a SOC Threat Hunter, in this role you will be responsible for conducting threat hunting exercises, customer and data source onboarding, process automation, and developing new solutions. You will also support junior CTI and SOC analysts, particularly during escalations, and assist the SOC Lead in managing major incidents. Additionally, you will create Splunk alerts, dashboards, and reports based on stakeholder requirements and ensure that processes are properly documented.

Key Responsibilities:

• Conduct threat hunting exercises, onboard customers and data sources, and automate processes while developing new solutions.
• Provide support to junior CTI and SOC analysts, especially in case of escalations.
• Assist the SOC Lead in managing major incidents and guide junior analysts through the resolution of minor incidents.
• Create and manage Splunk alerts, dashboards, and reports based on stakeholder requirements.
• Identify opportunities for tuning or improvement in the SIEM and collaborate with engineers for implementation.
• Ensure proper documentation of processes and maintain existing documentation.
• Lead monthly SOC reporting activities.

Requirements 💡

• Bachelor’s or Master’s degree in Computer Science, Software Engineering, Information Security, or a related technical field.
• 3+ years of experience in the cybersecurity field, with a focus on Security Operations and Incident Response.
• English language is required, fluency in French and/or Italian is a plus.
• Proficiency in using Splunk as a SIEM, with intermediate skills in SPL query language.
• Experience with security tools such as AV/EDR, vulnerability scanners, TIP, IPS/NDR.
• Familiarity with at least one programming/scripting language (e.g., Python).
• A strong passion for IT and cybersecurity, with a willingness to stay up to date on the latest trends and topics in the field.
• Ability to balance best practices and problem-solving in practical situations, taking into account stakeholder considerations regarding risks and reasoning.
• Certifications such as SANS/GIAC GCIH (Certified Incident Handler), CompTIA CySA+ (Cybersecurity Analyst+), Security Blue Team BTL2 (Blue Team Level 2), or Splunk Power User are highly desirable.
• Previous experience in the Financial Services or Managed Security Service Provider (MSSP) industries is a plus.
• Experience in areas such as digital forensics, malware analysis, threat intelligence, security engineering, cloud security, or network security is advantageous.

What does being a BTOers mean? 💪🏻

Being able to join a dynamic, inclusive and innovative environment, working closely with professionals;

Being part of a flexible, goal-oriented team, because for us, it’s the results that matter more than the number of hours in the office;

Have access to corporate conventions and discounts.

Are you ready to give your contribution to BTO? 🚀

Submit your CV and get ready to shape the future of business with us!