Threat Hunt Analyst

Bringing True Hospitality to the world.

We want to welcome you to a world of bringing True Hospitality to everyone.

When you join us at IHG®, you become part of our global family.

A welcoming culture of warmth, honesty and a passion for providing True Hospitality.

We pride ourselves on letting your personality and passions shine, recognizing the individual contribution you make and supporting your ambition to learn and create your own career path.

In making a difference to our guests and owners, colleagues and communities, every day is a chance to create great and unique experiences, in your own way.

With over 370,000 colleagues in nearly 100 countries sharing our values, there’s countless opportunities at your fingertips.

We’re growing; grow with us.

Summary

The role of the Threat Hunt Analyst is to develop threat hunt analytics and operationalize threat hunts in support of IHG security monitoring strategies.

The Threat Hunt Analyst will partner with Cyber Threat Intelligence, the Global SOC, and Cybersecurity Incident Response teams to develop and run intelligence-driven hunts.

The role will be primarily involved in ensuring the integrity of IHG systems and the availability and confidentiality of IHG’s sensitive data thereby protecting IHG’s trusted brands and enabling Global Technology to conduct business responsibly. The Threat Hunt Analyst will be IHG’s threat hunting SME.

Key Accountabilities

•Partner with Cyber Threat Intelligence to prioritize attacker tools, tactics, and techniques for monitoring.

•Investigate security logs and other telemetry for indicators of attack.

•Design data queries and analytics to implement security monitoring.

•Develop threat hunts and partner with the Global SOC to operationalize monitoring and response.

•Maintain and improve existing threat hunt analytics and processes.

•Provide subject-matter expertise on attacker TTPs and monitoring strategies to leadership and peer teams.

•Recommend new log sources, sensors, or other tools as necessary to improve security monitoring capabilities and coverage.

•Liaise with IT operations and engineering stakeholders to understand needs and ensure hunt quality.

•Support cyber investigations.

•Liaise with industry peers to maintain knowledge of threat hunting practices and tools.

Key Skills & Experiences

Education

Bachelor’s or Master’s degree in a cyber/information security related subject. 

Experience

5 years work-related experience in threat hunting, security monitoring, incident response, or offensive security.

Technical Skills and Knowledge

•Deep knowledge of attacker TTPs

•Expertise with data or log query languages, such as SQL, Splunk, or Kibana

•Experience developing detection rules for SIEMs, EDRs, or log aggregation platforms.

•Curiosity and a drive to find patterns in data.

•Working knowledge of post-exploitation security tools such as Mimikatz and Cobalt Strike 

•Experience conductin...