Threat Hunting Security Specialist
Engagement Overview: We are seeking an experienced Threat Hunting Security Specialist to provide a comprehensive deliverable that covers the practical aspects of threat hunting. This engagement will involve a preliminary meeting, drafting a detailed document, a walkthrough and feedback session, and the submission of a final report.
Key Deliverable Requirements: The primary deliverable should be a detailed document addressing the following aspects of threat hunting:
1. Understanding Threat Hunting:
• What is threat hunting, and how does it differ from traditional cybersecurity approaches?
• How does threat hunting differ from automated detection in a SIEM?
• What role does threat hunting play in an organization's overall cybersecurity strategy?
2. Periodicity of Threat Hunting Activities:
• Outline the recommended frequency and scheduling of proactive threat hunting activities.
• Discuss scenarios or conditions that may warrant ad-hoc or on-demand threat hunting.
3. Trigger Events for Ad-hoc Threat Hunting:
• Identify external events or indicators (e.g., zero-day vulnerabilities, published exploits, APT reports) that should trigger an immediate threat hunting response.
• Discuss the procedure for initiating ad-hoc threat hunting activities.
4. Hypothesis Generation:
• Explain the process of deriving hypotheses for threat hunting activities.
• Discuss whether hypotheses should be driven by published exploits/APT reports, the specifics of our environment configuration, or a combination of factors.
5. Tools and Prerequisites:
• List the specific tools, technologies, and log sources required for effective threat hunting (e.g., SIEM, security sensors, endpoint monitoring).
• Outline the necessary prerequisites, such as console access, permissions, and data sources.
6. Indicator of Compromise (IOC) Based Threat Hunting:
• Describe the procedure followed for IOC-based threat hunting activities.
• Explain the process of gathering, validating, and utilizing IOCs from various sources.
7. Challenges and Best Practices:
• What are some of the main challenges you encounter during threat hunting, and how do you overcome them?
• What are the best practices for prioritizing and triaging potential threats identified during a hunt?
8. Frameworks and Process:
• Outline the general framework or process you follow when conducting a threat hunt.
9. Final Report Format and Contents:
• Define the structure and format of the final output report from a threat hunting exercise.
• Share a sample report showing the expected contents, including findings, recommendations, and any additional relevant information.
Engagement Process:
1. Preliminary Meeting: Discuss the requirements, clarify any questions, and ensure alignment on expectations.
2. Draft Document: Prepare a draft version of the deliverable document, addressing the key sections outlined above.
3. Walkthrough and Feedback: Present the draft document, allowing for a detailed walkthrough, feedback, and clarifications.
4. Final Document Submission and Review: Incorporate feedback and submit the final report for review and acceptance.
Qualifications:
• Proven experience in threat hunting and cybersecurity incident response.
• Strong understanding of threat actor techniques, tactics, and procedures (TTPs).
• Proficiency in using various security tools and technologies (e.g., SIEM, network monitoring, endpoint protection).
Budget: $200.00 (fixed-price)
Experience level: Expert
Location: Remote
Project type: One-time project
About the client:
• Location: Singapore
• 75 jobs posted, 44% hire rate, 2 open jobs
• $29K total spent, 43 hires, 5 active
• $66.09/hr average hourly rate paid, 183 hours
• Industry: Tech & IT, mid-sized company (10-99 people)