Senior Threat Hunter
We\u2019re not looking for someone who waits for alerts.\nWe\u2019re looking for someone who assumes we are already compromised and\ngoes hunting.
<\/div>
<\/div>
<\/div>
<\/div>
As a Senior Threat Hunter, you will proactively identify advanced threats,\nhidden attacker behaviours, and security blind spots across endpoint, cloud,\nidentity, and SaaS environments. You will operate at the intersection of threat\nintelligence, detection engineering, and incident response \u2014 building\ncapabilities, not just running playbooks.
<\/div>
<\/div>
<\/div>
<\/div>
This role is for someone who thinks like an adversary, moves fast, and isn\u2019t\nsatisfied with \u201cno alerts found\u201d as an answer.
<\/div>
<\/div>
<\/div>
<\/div>
Key Responsibilities:<\/b>
<\/div>
<\/div>
<\/div>
<\/div>
\u2022 Design and run aggressive, hypothesis\-driven threat hunting campaigns
<\/div>
<\/div>
\u2022 Identify stealthy TTPs that bypass EDR, SIEM rules, and traditional detections
<\/div>
<\/div>
\u2022 Hunt across multi\-cloud, identity systems, endpoints, and network telemetry
<\/div>
<\/div>
\u2022 Translate intelligence into detection logic and production\-grade analytics
<\/div>
<\/div>
\u2022 Break existing detection systems and make them better
<\/div>
<\/div>
\u2022 Build reusable hunting playbooks and automation workflows
<\/div>
<\/div>
\u2022 Reduce dwell time and close telemetry blind spots\n\u2022 Partner closely with DFIR and red team to simulate real\-world attack paths
<\/div>
<\/div>
\u2022 Mentor SOC analysts and elevate overall detection maturity
<\/div><\/span>
Requirements<\/h3>
<\/div><\/span>
Requirements<\/h3>Skills and Qualifications:<\/b>
<\/div>
<\/div>\u2022 6+ years in cybersecurity with deep hands\-on experience
<\/div>\u2022 2\u20134 years in threat hunting, DFIR, red teaming, or advanced SOC roles
<\/div>\u2022 Strong command of MITRE ATT&CK and attacker tradecraft
<\/div>\u2022 Advanced query skills (KQL, SPL, SQL)
<\/div>\u2022 Experience with SIEM (Sentinel, Splunk, QRadar), EDR/XDR (CrowdStrike,\nDefender, SentinelOne), and cloud telemetry
<\/div>\u2022 Strong understanding of identity attacks, lateral movement, privilege\nescalation, persistence mechanisms
<\/div>\u2022 Ability to script in Python / PowerShell to automate investigations
<\/div>\u2022 Experience in hybrid cloud (AWS, Azure, GCP) and SaaS monitoring
<\/div>
<\/b><\/div>Bonus If You\u2019ve Done:<\/b>
<\/div>
<\/div>\u2022 Purple team exercises
<\/div>\u2022 Adversary emulation
<\/div>\u2022 Detection engineering from scratch
<\/div>\u2022 AI\-assisted detection or anomaly modelling
<\/div>\u2022 Built hunting programs in a fast\-growing company
<\/div>
<\/div>Mindset We Value:<\/b>
<\/div>
<\/div>\u2022 You question assumptions
<\/div>\u2022 You treat \u201cnormal behaviour\u201d as suspicious until proven otherwise
<\/div>\u2022 You move fast but document cleanly
<\/div>\u2022 You can explain complex attack chains to both engineers and leadership
<\/div>\u2022 You don\u2019t hide behind tools \u2014 you understand what\u2019s happening under the\nhood
<\/div>
<\/div>Why This Role Is Different:<\/b>
<\/div>
<\/div>\u2022 You won\u2019t just operate tools. You\u2019ll influence architecture.
<\/div>\u2022 You won\u2019t just investigate alerts. You\u2019ll design detections.
<\/div>\u2022 You won\u2019t just follow a SOC process. You\u2019ll help redefine it.
<\/div>
<\/div>If you\u2019re the kind of hunter who gets excited about uncovering something no\none else saw, this will feel like home.
<\/div><\/span>
Benefits<\/h3>What We Offer:<\/b>
<\/div>
<\/div>\u2022 Competitive salary and benefits package.
<\/div>\u2022 Opportunities for professional growth and advancement.
<\/div>\u2022 Exposure to cutting\-edge technologies and projects.
<\/div>\u2022 A collaborative and supportive work environment.
<\/div>
<\/div>How to Apply:<\/b> Interested candidates should submit a detailed resume and a\ncoverletter outlining their qualifications and experience relevant to the role\napplied for. Applications should be sent via our careers portal or to hr@stfox.com<\/a>
<\/div>
<\/div>St. Fox is an Equal Opportunity Employer. We celebrate diversity and are\ncommitted to creating an inclusive environment for all employees.<\/b>
<\/div><\/span>
<\/div>
<\/div>
\u2022 6+ years in cybersecurity with deep hands\-on experience
<\/div>
<\/div>
\u2022 2\u20134 years in threat hunting, DFIR, red teaming, or advanced SOC roles
<\/div>
<\/div>
\u2022 Strong command of MITRE ATT&CK and attacker tradecraft
<\/div>
<\/div>
\u2022 Advanced query skills (KQL, SPL, SQL)
<\/div>
<\/div>
\u2022 Experience with SIEM (Sentinel, Splunk, QRadar), EDR/XDR (CrowdStrike,\nDefender, SentinelOne), and cloud telemetry
<\/div>
<\/div>
\u2022 Strong understanding of identity attacks, lateral movement, privilege\nescalation, persistence mechanisms
<\/div>
<\/div>
\u2022 Ability to script in Python / PowerShell to automate investigations
<\/div>
<\/div>
\u2022 Experience in hybrid cloud (AWS, Azure, GCP) and SaaS monitoring
<\/div>
<\/b><\/div>
<\/div>
<\/b><\/div>
Bonus If You\u2019ve Done:<\/b>
<\/div>
<\/div>
<\/div>
<\/div>
\u2022 Purple team exercises
<\/div>
<\/div>
\u2022 Adversary emulation
<\/div>
<\/div>
\u2022 Detection engineering from scratch
<\/div>
<\/div>
\u2022 AI\-assisted detection or anomaly modelling
<\/div>
<\/div>
\u2022 Built hunting programs in a fast\-growing company
<\/div>
<\/div>
<\/div>
<\/div>
Mindset We Value:<\/b>
<\/div>
<\/div>
<\/div>
<\/div>
\u2022 You question assumptions
<\/div>
<\/div>
\u2022 You treat \u201cnormal behaviour\u201d as suspicious until proven otherwise
<\/div>
<\/div>
\u2022 You move fast but document cleanly
<\/div>
<\/div>
\u2022 You can explain complex attack chains to both engineers and leadership
<\/div>
<\/div>
\u2022 You don\u2019t hide behind tools \u2014 you understand what\u2019s happening under the\nhood
<\/div>
<\/div>
<\/div>
<\/div>
Why This Role Is Different:<\/b>
<\/div>
<\/div>
<\/div>
<\/div>
\u2022 You won\u2019t just operate tools. You\u2019ll influence architecture.
<\/div>
<\/div>
\u2022 You won\u2019t just investigate alerts. You\u2019ll design detections.
<\/div>
<\/div>
\u2022 You won\u2019t just follow a SOC process. You\u2019ll help redefine it.
<\/div>
<\/div>
<\/div>
<\/div>
If you\u2019re the kind of hunter who gets excited about uncovering something no\none else saw, this will feel like home.
<\/div><\/span>
Benefits<\/h3>
<\/div><\/span>
Benefits<\/h3>What We Offer:<\/b>
<\/div>
<\/div>\u2022 Competitive salary and benefits package.
<\/div>\u2022 Opportunities for professional growth and advancement.
<\/div>\u2022 Exposure to cutting\-edge technologies and projects.
<\/div>\u2022 A collaborative and supportive work environment.
<\/div>
<\/div>How to Apply:<\/b> Interested candidates should submit a detailed resume and a\ncoverletter outlining their qualifications and experience relevant to the role\napplied for. Applications should be sent via our careers portal or to hr@stfox.com<\/a>
<\/div>
<\/div>St. Fox is an Equal Opportunity Employer. We celebrate diversity and are\ncommitted to creating an inclusive environment for all employees.<\/b>
<\/div><\/span>
<\/div>
<\/div>
\u2022 Competitive salary and benefits package.
<\/div>
<\/div>
\u2022 Opportunities for professional growth and advancement.
<\/div>
<\/div>
\u2022 Exposure to cutting\-edge technologies and projects.
<\/div>
<\/div>
\u2022 A collaborative and supportive work environment.
<\/div>
<\/div>
<\/div>
<\/div>
How to Apply:<\/b> Interested candidates should submit a detailed resume and a\ncoverletter outlining their qualifications and experience relevant to the role\napplied for. Applications should be sent via our careers portal or to hr@stfox.com<\/a>
<\/div>
<\/div>
<\/div>
<\/div>
St. Fox is an Equal Opportunity Employer. We celebrate diversity and are\ncommitted to creating an inclusive environment for all employees.<\/b>
<\/div><\/span>
<\/div><\/span>