Threat Hunter
What We Do
Managing cyber risk, together – Today the modern enterprise is an Enterprise of Things. We are on a mission to secure the Enterprise of Things with active defense by identifying, segmenting, and enforcing compliance of every connected thing in a real-time and at scale. Our unified security platform enables enterprises and government agencies to focus on Zero Trust segmentation, IT/OT convergence, and OT/ICS innovation, all supporting our mission and vision.
Join us as we secure the world with our products. We are looking for resourceful individuals to collaborate as one team while ensuring a world-class customer experience. We are cyber-obsessed about addressing the world’s most challenging security problems. Innovation starts here, everyone’s ideas are valued, visionaries welcomed!
What You Will Do
Forescout is currently seeking a Cyber Threat Hunter to join a growing hunt team. Our Cyber Threat Hunting is part of SOC team within Forescout’s MSSP function to strengthen our customers defensive posture. This team works and collaborates with data science, threat research, and SOC teams to identify opportunities to use and improve telemetry, develop methods to investigate emerging tactics and techniques to help secure critical infrastructure of our clients around the world.
Threat hunting is more than finding the “new badness” in our client’s environment and more than the usual slogan “finding the needle in the haystack”. For us it is more about understanding the nature of the needle, the composition of the haystack, and LAYERing where the next needle might fall.
The role is responsible for analyzing and correlating large data sets to understand the environment, identify its telemetry and investigate its uniqueness. The role will also include using our threat hunt framework and methodologies to identify hidden security risks, uncover visibility gaps, while aligning hunting activities with business priorities and leveraging contextual intelligence to reduce mean time to detection (MTTD) and minimize potential breach impact
The ideal candidate will have a strong background in IT security and is comfortable with both customer-facing and security implementation roles.
Principal Duties & Responsibilities –
- Proactive Threat Hunt:
- Understand attack motivations and techniques by correlating threat data from various sources to simulate and validate hunt coverage (e.g., MITRE ATT&CK, red team findings, threat simulation)
- Operationalize threat intelligence into actionable hunts and utilize various data analysis methods to identify unknown risks within our clients’ network infrastructure.
- Apply scientific and technical knowledge to hunt problems to produce and communicate intelligence on the cyber threat landscape, including cyber threat actors, malware, vulnerabilities, and adversarial TTPs to cater different stakeholders
- Detection Strategies: Continuously improve the service by identifying gaps in knowledge and correcting them. Like collaborating with internal data science team to translate hunt findings into detection rules, analyzing disparate data sources to understand its value, developing dashboards, and automation playbooks in partnership with SOC.
- Investigate: Investigate and analyze security incidents to determine the root cause, scope, and impact of potential cyber threats.
- Mitigation Strategies: Develop and recommend mitigation strategies, countermeasures, and best practices to enhance clients’ cybersecurity posture and resilience against cyber threats.
- Collaborate with Stakeholders: Work closely with cross-functional teams, including IT, security operations, incident response, threat intelligence, and management, to communicate findings, provide recommendations, and ensure timely response to cyber threats.
- Stay Current with Cybersecurity Trends: Continuously monitor and research emerging cybersecurity threats, vulnerabilities, and industry best practices to stay ahead of evolving cyber threats.
What You Will Bring To Forescout
- Technical Proficiency: Knowledge of network, endpoint, cloud platforms (AWS, Azure, GCP), containers technology and their telemetry to identify “when to start worrying and sound alarm”
- Knowledge on hunt methodologies, adversary TTPs, threat intelligence, and frameworks such as MITRE ATT&CK, Cyber Kill Chain, and Diamond Model.
- Ability to adapt to varying-scale enterprise environments to conduct threat hunts.
- Ability to use at least one popular programming language (Python, Go) and one data query language (KQL, SQL)
- Experience in conducting research on either APTs or cybercrime with the ability to adapt to focus on broader threat landscape
- Detection Engineering: Experience in building and utilizing analytical rules/queries from hunts, ability to create data visualizations and document new procedures/runbooks/playbooks to assist other analysts.
- Analytical Skills: Analytical and problem-solving skills with the ability to analyze large datasets, identify patterns, and correlate disparate events to identify potential opportunities.
- Communication Skills: Effective communication skills with the ability to articulate complex technical concepts to both technical and non-technical stakeholders.
- Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Incident Handler (GCIH) are preferred.
- Experience: Minimum of 3-5 years of experience in cybersecurity roles, with specific experience in threat hunting, incident response, DFIR, or security operations. Experience in a SOC (Security Operations Center) environment is highly desirable.
- Nice to have:
- Experience with machine learning or statistical modeling
- Experience with developing agentic frameworks
What Forescout Offers You
Our visionary leadership team fosters an environment that encourages professional growth and development. We champion a diverse and inclusive culture that cultivates collaboration and innovation, where our team can make a global impact on security while working with industry-leading technology. We take pride in offering a competitive total compensation package. If you have a strong work ethic, are visible and lean in, you will be recognised. We are in growth mode and there is a ton of opportunity at Forescout. Apply now to find out more!
More About Forescout
The Forescout 4D Platform™ provides complete asset intelligence and control across IT, OT, IoT, and IoMT environments. For more than 20 years, Fortune 100 organizations, government agencies, and large enterprises have trusted Forescout as their foundation to manage cyber risk, ensure compliance, and mitigate threats. With seamless context sharing and workflow orchestration across more than 100 full-featured security and IT product integrations, Forescout makes every cybersecurity investment more effective. Learn more at www.Forescout.com.
Our Mission
To continuously identify, protect, and ensure the compliance of all cyber assets across the modern organisation.
Our Vision
A world where every cyber asset is seen, secure and compliant.
Our Cultural Values
- Cyber Obsessed – We are curious about technology, and we are innovative and passionate about solving big programs.
- Customer Driven – We listen, we learn, and we make it right.
- Collaborative, without Ego – No one succeeds alone. We strive to be the humble person that people want to work with.
- Relentless – We're smart, determined, and find a way. We figure stuff out.
- One Team – We all work together, and we all win together.
Our DEI Statement
At Forescout, we are committed to fostering a diverse, equitable, and inclusive workplace. We believe that diversity of background, experiences, and perspectives leads to innovation, creativity, and better decision making. We strive to create an environment where all team members feel valued, respected, and empowered. We actively promote equal opportunities and fair treatment for all individuals, regardless of their race, religion, colour, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, disability, status as a protected veteran, or any other characteristic protected by law. By embracing Diversity, Equity and Inclusion, we aspire to build a successful culture where we work together and win together as One Team.
NOTE TO EMPLOYMENT AGENCIES:We value the partnerships we have built with our preferred vendors. Forescout does not accept unsolicited resumes from employment agencies. All resumes submitted by employment agencies directly to any Forescout employee or hiring manager in any form without a signed Employment Placement Agreement on file and search engagement for that position will be deemed unsolicited in nature.
No fee will be paid in the event the candidate is subsequently hired as a result of the referral or through other means.
#LI-VS1
Forescout Technologies is proud to be an Equal Employment Opportunity Employer. We value and embrace diversity, equality, inclusion, and collaboration at the core of our “One Team” philosophy. We do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.