
    Cyber Threat Hunting Principal Analyst

    Warszawa
    Type of work: Full-time
    Experience: Mid
    Employment Type: Permanent
    Operating mode: Hybrid

    Tech stack

      Python: regular
      Powershell: regular
      KQL: regular

    Job description

    Online interview

    The Cyber Threat Hunting Principal Analyst sits within the Global Information and Cyber Security Defence (ICSD) function. In this critical role, you will leverage your expertise to proactively detect, investigate, and mitigate sophisticated external and insider threats. This is a hands-on role responsible for ensuring that proactive and reactive threat hunts are conducted.

    The individual may have line-management responsibilities for analysts within the Cyber Threat Hunting and Forensics Team, contribute to process and procedure, and ensure best practice is followed to meet WTW requirements. They will be expected to grow and develop analysts and will be part of WTW’s intelligence-led cyber defence strategy. We are looking for a collaborative and passionate hands-on technical team player with brilliant coordination and communication skills who enjoys operating in a fast-paced environment. The successful candidate will be expected to build strong relationships with other ICSD teams, partner teams, and wider business stakeholders to ensure success. They must be able to balance priorities and serve as an expert in providing technical analysis, assessment, and mitigation recommendations for escalated security incidents where deep technical knowledge is required.

    The individual will work as part of a global, multi-disciplined security community with strong support across the business, contributing to fostering a security-aware culture while ensuring WTW remains a great place to work. With WTW’s large global footprint, this role offers a fascinating range of work, and occasional global travel may be required.

    The Cyber Threat Hunting and Forensic Team Principal Analyst will provide global threat hunting and forensic capability for WTW. Responsibilities of this role include:

    Global Threat Hunting

    ·      Conduct threat-hunting operations to identify and mitigate potential threats before they can impact the organization.

    ·      Develop and execute hypothesis-driven threat hunting techniques to uncover adversary tactics, techniques, and procedures (TTPs).

    ·      Deliver detailed threat analysis and reports to executive leadership and stakeholders.

    ·      Provide actionable recommendations to enhance the organization's security posture.

    ·      Develop and implement advanced log analysis and search capabilities to identify sophisticated external and insider threats.

    ·      Investigate anomalies, correlate findings with threat intelligence, and propose mitigation strategies.

    ·      Perform targeted threat-hunting campaigns using adversary TTPs and insights from system telemetry and security data sources.

    ·      Support incident investigations by providing detailed analysis and insights derived from threat-hunting operations.

    ·      Share findings, analysis, and recommendations with cross-functional teams to improve the overall security posture and incident response effectiveness.

    ·      Contribute to the design and implementation of advanced threat detection methodologies, playbooks, and automation processes to enhance hunting capabilities.

    ·      Provide thought leadership and mentorship to junior analysts, fostering a continuous learning culture within the team.

    ·      Analyze security trends and assess their impact on the organization, providing actionable insights to leadership.

    ·      Serve as an escalation point during critical cybersecurity incidents, providing incident response, digital forensic analysis, and malware assessment to support containment, eradication, and recovery efforts.

    ·      Conduct host and network forensics, log analysis, and evidence collection for on-premises and cloud systems, ensuring proper chain of custody and documentation.


    We are looking for a candidate for the Cyber Threat Hunting Principal Analyst who has the following:

    ·      A detail-oriented professional with a proactive mindset to stay ahead of emerging threats.

    ·      A team player who thrives in a collaborative environment and can navigate complex challenges effectively.

    ·      Someone passionate about making a tangible impact on WTW’s cybersecurity resilience.

    ·      Extensive experience in cyber threat hunting, security incident response, and digital forensics in fast-paced, global environments.

    ·      Proven ability to mentor and coach analysts, fostering skill development and career growth.

    ·      Strong problem-solving and analytical skills, with the ability to influence stakeholders and drive effective decision-making.

    ·      Expertise in adversarial tactics, techniques, and procedures (TTPs), the MITRE ATT&CK framework, cyber kill chain, and hacking/post-exploitation tools.

    ·      Proficiency in interpreting and querying diverse log types (e.g., Windows Event, Web server, Firewall logs) and conducting threat hunts within SIEM and EDR tools.

    ·      Knowledge of forensic methodologies, open-source tooling, and cloud security, including incident response in cloud environments.

    ·      Experience delivering technical presentations and reports to both technical and non-technical audiences.

    ·      Familiarity with scripting languages such as Python, PowerShell, and KQL, with a functional understanding of programming concepts.

    ·      Industry-recognized certifications in Cyber Incident Response, Forensics, or Malware Analysis are a plus.

    ·      Strong communication, collaboration, and interpersonal skills to effectively convey security and risk concepts across diverse audiences.

    Undisclosed Salary

    Permanent

