
Lead IT Threat Hunt Analyst

AMTRAK

Location:
United States

Category:
IT - Administration

Contract Type:
Not provided

Salary:
103,700.00 - 134,460.00 USD / year

Job Description:

The Lead IT Threat Hunt Analyst proactively identifies and neutralizes cyber threats in critical infrastructure environments before they impact the organization. This role performs a broad range of complex technical and professional work to identify, investigate, analyze, and remediate threats that evade signature-based detection across Amtrak's IT and OT environments. The position ensures compliance with security policies and procedures through effective security controls, identifying risks, control gaps, areas for process improvement, and solutions.

Job Responsibility:

  • Conduct proactive, intelligence-driven threat hunts to identify adversary activity, cyber risks and anomalies, identifying and investigating potential threats to critical infrastructure and operations
  • Evaluate, analyze and synthesize large quantities of data to uncover anomalous activity capable of introducing risk to Amtrak environments
  • Search for potential vulnerability exploitation, post-compromise activity or security control gaps based on emerging and known adversary tactics, techniques and procedures (TTPs), user behavior, endpoint threat detection, network behavior analytics, machine learning-derived trends and external threat reports
  • Review EDR telemetry, firewall, IDS/IPS, web content filtering, NetFlow, and antivirus logs
  • Work closely with other cybersecurity teams (detection engineering, threat intelligence, incident response and security operations) and operational technology service owners to escalate anomalous findings, contribute to detection logic improvements and verify security control implementations
  • Support and participate in formal reporting related to threat hunt findings, implementation of security controls and improvements to Cyber Security Operations processes
  • Capture hunt byproducts indicative of poor cyber hygiene practices, company policy violation or misuse
  • Support incident investigations, as needed
  • Participate in the evaluation and recommendation of hardware and software systems that provide security functions
  • Respond to and resolve problems, security incidents, and forensic investigations, as needed
  • Develop and document workflow, hunt and investigative methodology, and technical standards and assist in cyber fusion analyst upskilling and mentoring
  • Investigate, resolve and escalate problems. Monitor and analyze metrics to ensure customer satisfaction and vendor performance
  • Propose improvements and assist with the implementation of enterprise-wide security standards, procedures and guidelines

Requirements:

  • Bachelor’s Degree in Computer Science, Information Systems, or related field
  • Professional security-related certifications (e.g. GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Security Professional (CISSP), or equivalent)
  • Enterprise security experience in threat intelligence, investigative and hunt methodologies, detection engineering, security operations and/or incident response
  • Knowledge of the MITRE ATT&CK matrices (Enterprise, ICS, Cloud) to map adversary tactics, techniques and procedures (TTPs) and inform structured hunts
  • Knowledge of OS triage artifact analysis and incident investigative methods
  • Strong analytical skills and proficiency with SIEM, EDR, CASB, IDS/IPS, AV, DLP, UEBA, firewall, and forensic investigative technologies
  • Ability to design and review multi-source correlation queries using Kusto (KQL), Kibana and/or SQL across endpoint, cloud, network, application and identity data
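The last two requirements above (mapping TTPs to ATT&CK and writing correlation queries across identity, endpoint and network data) are the core of structured hunting. The following is an added example, not code from Amtrak or from this posting, written in Python rather than Kusto so it runs offline: it joins three constructed telemetry sources on user and host inside a time window and surfaces the chain "anomalous-geography sign-in, then a living-off-the-land binary by that user on that host, then external egress from that host". The baseline countries, the binary list, the host names and every event are constructed for the example; the ATT&CK IDs T1078 (Valid Accounts) and T1059.001 (PowerShell) are real.

```python
"""Multi-source correlation hunt over constructed sample telemetry (added example)."""
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed baseline: the country each user normally signs in from.
BASELINE_COUNTRY = {"jdoe": "US", "asmith": "US"}

# Living-off-the-land binaries worth a second look after an anomalous sign-in
# (small illustrative subset, not an exhaustive list).
SUSPICIOUS_IMAGES = {"powershell.exe", "certutil.exe", "mshta.exe"}

# RFC 1918 plus loopback and link-local; anything else counts as external here.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]


@dataclass(frozen=True)
class SignIn:          # identity source (IdP / domain controller)
    ts: datetime; user: str; host: str; country: str; success: bool

@dataclass(frozen=True)
class ProcessEvent:    # endpoint source (EDR process creation)
    ts: datetime; user: str; host: str; image: str; cmdline: str

@dataclass(frozen=True)
class NetFlow:         # network source (flow / firewall log)
    ts: datetime; host: str; dst_ip: str; dst_port: int; bytes_out: int


def is_external(ip: str) -> bool:
    """True when the destination is outside the internal ranges above."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)


def correlate(signins, procs, flows, window=timedelta(minutes=30)):
    """Hunt chain: successful sign-in from a non-baseline country (T1078)
    -> suspicious process by the same user on the same host
    -> outbound flow from that host to an external address, all within `window`.
    Returns one finding per qualifying sign-in with the evidence from each source."""
    findings = []
    for s in signins:
        # Stage 1: identity anomaly. Failures and baseline-country sign-ins are noise here.
        if not s.success or BASELINE_COUNTRY.get(s.user) == s.country:
            continue
        end = s.ts + window
        # Stage 2: endpoint follow-on by that user on that host, earliest first.
        hits = sorted((p for p in procs
                       if p.user == s.user and p.host == s.host
                       and s.ts <= p.ts <= end
                       and p.image.lower() in SUSPICIOUS_IMAGES), key=lambda p: p.ts)
        if not hits:
            continue
        # Stage 3: egress from the host after the first suspicious process.
        egress = [f for f in flows
                  if f.host == s.host and hits[0].ts <= f.ts <= end and is_external(f.dst_ip)]
        techniques = ["T1078"]
        if any(p.image.lower() == "powershell.exe" for p in hits):
            techniques.append("T1059.001")
        findings.append({
            "user": s.user, "host": s.host, "signin_country": s.country,
            "techniques": techniques,
            "processes": [f"{p.image} {p.cmdline}".strip() for p in hits],
            "egress": [f"{f.dst_ip}:{f.dst_port} ({f.bytes_out} B)" for f in egress],
        })
    return findings


def run_sample():
    """Run the hunt over constructed telemetry and return the findings."""
    t0 = datetime(2025, 12, 18, 10, 0)
    signins = [
        SignIn(t0 - timedelta(minutes=5), "jdoe", "HOST1", "RO", False),   # failed: ignored
        SignIn(t0, "jdoe", "HOST1", "RO", True),                            # anomalous geo
        SignIn(t0, "asmith", "HOST2", "US", True),                          # baseline geo
    ]
    procs = [
        ProcessEvent(t0 + timedelta(minutes=5), "jdoe", "HOST1", "powershell.exe",
                     "-nop -w hidden -enc SQBFAFgAIAA="),                  # constructed cmdline
        ProcessEvent(t0 + timedelta(minutes=2), "asmith", "HOST2", "powershell.exe",
                     "Get-Service"),                                        # baseline user: no hit
        ProcessEvent(t0 + timedelta(minutes=6), "jdoe", "HOST1", "notepad.exe", ""),
    ]
    flows = [
        NetFlow(t0 + timedelta(minutes=6), "HOST1", "203.0.113.10", 443, 48213),  # external
        NetFlow(t0 + timedelta(minutes=7), "HOST1", "10.0.0.5", 445, 1200),       # internal
        NetFlow(t0 + timedelta(minutes=3), "HOST2", "203.0.113.20", 443, 900),
    ]
    return correlate(signins, procs, flows)


if __name__ == "__main__":
    for finding in run_sample():
        print(finding)
```

On the sample data only the jdoe/HOST1 chain is returned: the asmith activity is dropped at stage 1 because the sign-in matches baseline, and the internal SMB flow is excluded at stage 3. In a real hunt the same three-stage join is what the KQL or SQL query expresses; the order of the stages matters because each one narrows the candidate set before the more expensive endpoint and network joins run.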

Nice to have:

  • Master's degree in Information Technology, Cyber Security, or equivalent
  • Experience with scripting languages
  • 8+ years of experience in cyber security specialization (threat hunt, security operations, compliance, information security program management, continuous monitoring, vulnerability assessment)
  • Knowledge and familiarity with Operational Technology (OT), Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems

What we offer:
  • health, dental, and vision plans
  • health savings accounts
  • wellness programs
  • flexible spending accounts
  • 401(k) retirement plan with employer match
  • life insurance
  • short and long term disability insurance
  • paid time off
  • back-up care
  • adoption assistance
  • surrogacy assistance
  • reimbursement of education expenses
  • Public Service Loan Forgiveness eligibility
  • Railroad Retirement sickness and retirement benefits
  • and rail pass privileges

Additional Information:

Job Posted:
December 18, 2025

Employment Type:
Fulltime
Work Type:
Remote work
Similar Jobs for Lead IT Threat Hunt Analyst

Cyber Security Soc Analyst

The SOC Analyst (L1/L2) and Lead are responsible for proactive monitoring, detec...
Location:
India, Chennai
Salary:
Not provided
Company:
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Strong knowledge of SIEM platforms and alert investigation
  • Advanced incident response, malware analysis, and RCA expertise
  • Deep knowledge of endpoint and network security tools
  • Threat hunting and forensic investigation capabilities
  • Familiarity with vulnerability management and DLP/email security
  • Experience with threat intelligence platforms and TTP mapping
  • Strong analytical, communication, and documentation skills
Job Responsibility:
  • Proactive monitoring, detection, investigation, and response to security threats using industry-leading solutions
  • Guide and architect SOC workflows and systems to ensure robust organizational security
  • Threat hunting and forensic investigation
  • Administer DLP and email security systems
  • Operate Microsoft Defender for Endpoint, conduct threat hunting via EDR telemetry and memory dumps
  • Use, configure, and optimize SIEM tools (Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, ArcSight, Elastic SIEM) for threat identification and alert management
  • Guide development of SOC procedures/runbooks and continuous improvement initiatives
  • Leadership and team management
What we offer:
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk
Salary:
184,500.00 - 246,000.00 PLN / year
Company:
Atlassian
Expiration Date:
Until further notice
Requirements:
  • Experience: 3+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Technical Skills: Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Cloud: Experience with AWS, GCP, or similar cloud platforms
  • Project Management: Experience in building and delivering projects from start to finish
  • Specialization: Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Community Engagement: Contributions to the security community or open source projects
  • Communication: Capable of explaining technical issues to non-technical stakeholders
Job Responsibility:
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution
  • Participate in the on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer:
  • Health and wellbeing resources
  • paid volunteer days
  • equity
  • bonuses
  • commissions
  • Fulltime

Security Operations Analyst I

Our Security Operations Analyst I position supports our Virtual Network and Secu...
Location:
United States, North Wilkesboro
Salary:
Not provided
Company:
InfusionPoints
Expiration Date:
Until further notice
Requirements:
  • AS/BS degree in Information Technology, Computer Science, Engineering or related field
  • 1-3 years of hands-on deep technical experience
  • Security analysis, threat hunting, forensics, flow analysis, and log management experience
  • IDS/IPS management, PCAP carving, file extraction, and long tail analysis experience
  • Strong understanding of attacker tactics, techniques, and procedures
  • Understanding of endpoint and network security
  • Experience with or knowledge of vulnerability management and penetration testing of systems, applications, and networks
  • General understanding of industry standards, compliance, and legal guidelines: ISO 27001, FedRAMP, NIST 800-171, NIST 800-53, SOC 2, and HIPAA
  • Self-starter able to drive towards goals and manage time effectively
  • Analytical, with the ability to think on the fly
Job Responsibility:
  • Perform event and incident triage, threat hunting, and incident response
  • Use industry-leading commercial and open source software to detect, evaluate, triage, prioritize, and respond to security events
  • Support research and development, security module creation, automation, and process improvement
  • Support vulnerability management and penetration tests
  • Write both technical and executive incident reports when called upon
  • Continuous learning and improvement of security analysis skills to match current technical security challenges and innovations
What we offer:
  • competitive compensation and benefits package
  • Fulltime

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk
Salary:
256,000.00 - 342,000.00 PLN / year
Company:
Atlassian
Expiration Date:
Until further notice
Requirements:
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility:
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer:
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime

Cyber Security-Fraud Analyst

The L2 Support Fraud Detection Senior Analyst is a pivotal team member responsib...
Location:
India, Chennai
Salary:
Not provided
Company:
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Tools: Octoflow, Mosaic
Job Responsibility:
  • Conduct investigations and reporting using Octoflow and Mosaic platforms
  • provide recommendations based on analytics derived from these tools
  • support secure integration of APIs and web services within fraud detection platforms
  • liaise with developers to validate and enhance security features in applications
  • analyse and correlate logs using SIEM solutions to identify and remediate suspicious activity
  • respond to real-time alerts and participate in threat hunting operations
  • integrate threat intelligence feeds into operational systems
  • regularly update detection mechanisms in response to emerging risks
  • lead and document the resolution of escalated fraud incidents
  • collaborate with cross-functional teams for swift containment, investigation, and recovery
What we offer:
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime

Operations Security Consultant

The Operations Security Consultant is responsible for the end-to-end management ...
Location:
India, Chennai
Salary:
Not provided
Company:
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • 8 to 12 years experience
  • B.E./ B.Tech./ MCA degree
  • Hands-on expertise with QRadar SIEM, SOC operations, and incident response
  • Proficiency in security frameworks: NIST CSF, CIS Controls, DORA, GDPR
  • Experience with vulnerability management, threat hunting, and risk assessment methodologies
  • Familiarity with automation, SOAR solutions, and operational workflow optimization
  • Strong experience in at least one technical environment: Cloud (AWS/Azure), Mainframe, Data Warehouse, Database, O365
  • CISSP or CISM certification preferred
Job Responsibility:
  • Oversee daily security operations and maintain operational excellence
  • Manage 24/7 monitoring, triage, investigation, and resolution of security incidents via SIEM (QRadar)
  • Coordinate incident management efforts across internal teams and external stakeholders
  • Develop, fine-tune, and manage security detection rules, use cases, and threat intelligence integration
  • Implement continuous improvement processes using KPIs, operational reviews, and performance metrics
  • Manage lead SOC analysts, threat hunters, and incident responders
  • Facilitate collaboration across engineering, compliance, and client teams
  • Ensure compliance with ISO 27001, NIST CSF, CIS Controls, DORA, GDPR, and client-specific standards
  • Lead preparation of audits, client reports, and executive dashboards
  • Maintain risk treatment plans aligned with ISO 27001 standards
What we offer:
  • Commitment to fighting against all forms of discrimination
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk
Salary:
Not provided
Company:
Atlassian
Expiration Date:
Until further notice
Requirements:
  • 3+ years of experience in any security domain: Operations, Incident Response, Detection Engineering, Threat Research, or Engineering
  • Relevant work experience for responding to incidents and conducting investigations
  • Fluency in any modern programming languages (preferably Python, Ruby, Java or Go) or experience scripting to complete security tasks
  • Experience with AWS, GCP, or a similar cloud service platform
  • Self-motivated and results-oriented
  • Experience building and delivering projects from start to finish
  • Passion for collaboration and strong interpersonal skills
  • Specialization in one or more areas: malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Excellent written and verbal communication skills, including the ability to explain technical issues to non-technical stakeholders
Job Responsibility:
  • Act as an escalation point for security incidents, collaborating with stakeholders and communicating updates while actively working towards the resolution of incidents
  • Investigate and analyze log data stemming from security events across multiple sources to determine signs of compromise
  • Conduct post-incident reviews to analyze the root cause, assess the response, and recommend improvements
  • Participate in the on-call roster for security incident response
  • Deliver technical solutions to mitigate security incidents and enhance incident response capabilities
  • Advocate for security best practices and secure coding standards across the organization
  • Conduct threat hunts to identify new attack vectors and develop strategies to counteract them
  • Research tools and tactics employed by threat actors
  • Build and maintain tools and systems to automate response processes and improve efficiency
  • Develop and maintain security incident response playbooks and standard operating procedures
What we offer:
  • Health and wellbeing resources
  • Paid volunteer days
  • Support for accommodations or adjustments during recruitment process
  • Fulltime

Social Worker

The primary function of the MSW is to provide coordinated care in the home to cl...
Location:
United States, Clermont
Salary:
Not provided
Company:
Angels Care Home Health
Expiration Date:
Until further notice
Requirements:
  • Master’s degree in social work
  • State Certification
  • current State Driver’s License
  • One year of experience as an MSW in a health care agency
  • Working knowledge of community resources
  • Proof of current CPR and Hepatitis profile
Job Responsibility:
  • Provide coordinated care in the home to clients of all age groups
  • Perform psychosocial assessments, analysis, counseling, and referrals to meet the needs of the patient/family
  • Assess home health patient to identify psychosocial, financial, environmental, and community needs
  • Use effective interpersonal relations and communication skills
  • Meet mandatory continuing education requirements
  • Maintain a working knowledge of public and private eligibility standards
  • Promote Agency philosophy and administrative policies to ensure quality of care
What we offer:
  • Generous Paid Time Off
  • Extensive Training
  • Full Health, Dental, & Vision Benefits (Available 1st Month)
  • Company-Matched 401(k)
  • Career Advancement
  • Parttime