Lead proactive "hunting" activities using advanced network- and host-based threat tools.
Demonstrated and proven experience in cybersecurity incident discovery and event management, with the ability to identify and characterize malicious programs and to create indicators of compromise (IOCs) based on the characteristics of the malware.
Must possess the ability to analyze intelligence from both internal and external sources to help identify threats within the environment.
Provide support in the detection, response, mitigation and reporting of cyber threats affecting client networks, with the ability to evaluate IT environments and identify security goals, objectives and requirements.
Maintain and employ a strong understanding of advanced persistent threats, continuous vulnerability assessment, and the response and mitigation strategies used in cybersecurity operations.
Maintain, monitor and analyze audit logs, with a strong ability to perform in-depth security forensics and analysis to effectively identify suspicious activity by detecting, tracking and remediating malicious code.
Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application-layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory).
Experience with reverse engineering malicious files or code.
Experience with Python, Perl, Bash, PowerShell or other scripting languages required.
Ability to work independently and take ownership of projects and initiatives.
B.A. or B.S. from a four-year accredited university, or relevant security-related experience.
3+ years relevant work experience in IT security, regulatory compliance, risk management, incident response or network security, with strong knowledge gained working as part of a SOC team.
CISSP, GCIA, GCIH, GPEN, CEH not required, but a plus.