
Global Unlimited PTO

  • Respond to DLP alerts, monitor DLP consoles and analyze security events to identify potential data loss incidents.
  • Conduct in-depth investigations of suspected insider threat incidents, including unauthorized access, data exfiltration, and policy violations.
  • Develop and implement insider threat detection use cases, alert rules, and incident response playbooks.

Cybersecurity Threat Hunting DLP SIEM

20 jobs similar to Senior Insider Threat Analyst, Global Insider Threat Management

Jobs ranked by similarity.

$200,000–$220,000/yr
US 12w maternity

  • Responsible for running Rapid Response incidents, including coordinating with other departments, and owning the process end-to-end.
  • Conducts research on emerging adversary tradecraft to help scope and conduct hunt missions.
  • Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported.

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, we protect all businesses with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application.

$150,000–$190,000/yr
US Unlimited PTO 12w maternity 12w paternity

  • Define and mature the Adversary Pursuit program, directing threat hunts and technical table top exercises.
  • Identify and prioritize areas for improvement based on threat hunt findings.
  • Collaborate with Offensive Security to enhance threat detection and Security Operations to improve response capabilities.

Flock Safety is a safety technology platform, helping communities by providing a proactive approach to crime prevention and security. They connect cities, law enforcement, businesses, schools, and neighborhoods in a nationwide public-private safety network.

$130,000–$160,000/yr
US

  • Conducts threat monitoring and analysis using threat detection tools.
  • Builds and maintains security infrastructure and system performance.
  • Triages alerts from detection platforms, identifying false positives and escalating attacks.

Nuvalent is dedicated to creating selective medicines with expertise in chemistry, specifically designed to meet the needs of cancer patients. They are an early-stage company that brings together experienced scientists and industry veterans with a history in oncology drug development and company building.

Brazil

  • Use all-source intelligence to monitor security incidents and trends.
  • Support the Client’s trust and safety function to monitor and respond to issues.
  • Escalate security incidents to client stakeholders, following efficient procedures.

Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 they have supported businesses, governments and NGOs through the provision of high-quality risk analysis, due diligence and consultancy services.

3w PTO

  • Perform host/network based forensic investigations to collect and preserve evidence related to incidents
  • Managing incoming queues of detection alerts, threat reports and security incidents
  • Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA)

Nielsen provides powerful insights that drive client decisions and deliver extraordinary results, enabling a better media future. They are a dynamic global workforce committed to capturing audience engagement with content, standing at the forefront of the media revolution.

Australia New Zealand

  • Acting as a senior escalation point and incident coordinator for security incidents across Canva’s cloud, endpoint, and SaaS environments.
  • Leading and actively participating in security incident response, from initial detection through investigation, containment, eradication, and recovery.
  • Performing deep forensic analysis to determine scope, impact, and root cause, and translating technical findings into clear outcomes for stakeholders.

Canva is a design platform. They have campuses in Sydney and Melbourne and co-working spaces in Brisbane, Perth and Adelaide.

US

  • Manage Google SecOps/SIEM for threat detection, alerting, and investigation workflows.
  • Administer Thycotic/Delinea Secret Server for privileged credential management.
  • Maintain and configure Cyberhaven DLP for data loss prevention.

Redapt Inc. is a data center infrastructure integrator, technology engineering firm, and cloud services provider. They deliver innovative solutions and services that power our customers' most demanding applications and enable them to extract powerful insights from data.

US

  • Provide security monitoring and incident response of cyber security events.
  • Monitor and analyze logs and alerts to identify actionable security incidents.
  • Provide proactive “threat hunting” to detect incidents.

SonicWall is a cybersecurity company with more than 30 years of expertise. They are recognized as a leading partner-first company, ensuring their partners and their customers are never alone in the fight against cybercrime.

$195,000–$210,000/yr
US 12w maternity

  • Lead the identification, triage, and validation of security incidents, acting as the ultimate escalation point for the SOC.
  • Drive organizational incident readiness by designing and executing practical response exercises to ensure first responders are prepared at all levels.
  • Lead cross-functional Post-Incident Reviews to extract critical lessons; drive specific tooling and process enhancements that harden organizational defenses.

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses with enterprise-grade, fully owned, and managed cybersecurity products. They protect 4M+ endpoints and 7M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do.

Global

  • 24/7 monitoring and alert triage across SIEM/EDR/cloud security tooling; identify false positives vs. credible threats and set appropriate severity.
  • Initial investigation and enrichment: gather relevant logs/telemetry, add context, and document findings clearly in the case/ticketing system.
  • Escalation and coordination: escalate confirmed/suspected incidents quickly and cleanly to L2/IR with a complete handoff (timeline, scope, IOCs, actions taken).

Keyrock is a leading change-maker in the digital asset space, renowned for its partnerships and innovation. They have over 200 team members around the world with a diverse team from 42 nationalities and backgrounds ranging from DeFi natives to PhDs.

$190,000–$225,000/yr
US

  • Triage, investigate, respond to, and remediate intrusions daily.
  • Mentor junior team members, allowing them to grow individually and as a team.
  • Contribute regularly to external-facing Huntress content such as blogs, webinars, presentations, and speaking engagements.

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses with enterprise-grade, fully owned, and managed cybersecurity products. They protect 4M+ endpoints and 7M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do.

$80,000–$100,000/yr
US Unlimited PTO

  • Deliver exceptional support experiences through security expertise and empathetic communication.
  • Provide expert-level advisory services on complex security questions and product issues.
  • Drive Security Operations team efficiency through process creation, optimization, and innovative feature ideas.

Blumira is a security operations platform built for growing teams and partners supporting them. They integrate comprehensive visibility, tools, and expert guidance to give IT and security teams peace of mind. The team is passionate about putting resilience in reach for every organization and helping teams build their own expertise.

US

  • Investigate networks of potentially fraudulent accounts using internal tools and data analysis
  • Make decisions on account suspensions based on evidence and established guidelines
  • Identify third-party platforms where our services are being resold without authorization, and draft and submit complaints / takedown requests

Runway is building AI to simulate the world through merging art and science. The company believes that world models are at the frontier of progress in artificial intelligence and consists of creative, open minded, caring and ambitious people who are determined to change the world.

New Zealand

  • Supporting investigations, day‑to‑day operations, and the uplift of our security posture.
  • Jumping into real incidents, guiding security decisions, and helping teams build securely from the start.
  • Unpicking a phishing campaign and advising on a new solution or progressing vulnerability management.

Contact Energy believes home is the most important place in the world. They're a team that’s reimagining how Aotearoa is powered and how customers experience energy. Contact is guided by their tikanga and they touch lives to make life better.

US

  • Monitor security events and incidents to detect potential threats and vulnerabilities.
  • Support response to security incidents and manage the incident response process end-to-end.
  • Implement and monitor security measures to protect LTK’s infrastructure and assets.

LTK's mission is to empower the world’s premium lifestyle Creators to achieve maximum economic success by connecting brands, creators, and shoppers with a world-class shopping app and trusted tools and technology. LTK is headquartered in Dallas, TX, and currently operates on five continents and employs a diverse, multi-disciplinary team.

New Zealand

  • Keeps the lights on, data safe, and people moving fast.
  • Jumping into real incidents, guiding security decisions, and helping teams build securely from the start.
  • Contributing to reviews of business solutions, risk identification and secure‑by‑design practices.

Contact Energy is a power, mobile, and broadband company that is transforming how Aotearoa is powered, leading the charge on renewable energy and digitising customer journeys. They are a team of 1000+ from all walks of life. They value caring for each other, learning from one another, and being guided by their tikanga.

$155,000–$155,000/yr
US

  • Partner directly with Dragos customers and deliver tailored, high-impact threat intelligence through written reports, briefings, and in-person engagement.
  • Serve as the customer’s dedicated CTI resource - providing relevant intelligence that guides their OT security journey and collaborating across Dragos delivery teams.
  • Contribute to research on emerging OT threats and help shape security outcomes in a rapidly evolving industrial cybersecurity landscape.

Dragos is dedicated to arming customers with technology, threat intelligence, and services to protect their systems. They are a remote-first culture with operations in North America, Europe, the Middle East, and APAC and look for teammates who embody authenticity, transparency, and trust.

$155,763–$219,901/yr
US

  • Collaborating with Security Operations Center (SOC) team members to monitor, detect, and respond to cybersecurity threats in a timely manner.
  • Responding to cybersecurity incidents from identification through resolution.
  • Developing and maintaining up-to-date knowledge of the threat landscape, as well as advancements in cybersecurity technologies and methodologies.

Calendly's product helps connect millions of people. They are in the midst of exciting product growth and offer opportunities to learn and grow alongside top professionals.

$50,000–$60,000/yr
US 3w PTO

  • Monitor SIEM dashboard and security tools to detect security incidents.
  • Analyze alerts to determine relevance and prioritize response efforts.
  • Conduct investigations by gathering context and relevant logs.

Sentinel Blue is a young company focused on bringing enterprise-class cybersecurity to small and medium-sized businesses. They are pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission in a fast-paced, dynamic environment that values learning and challenges.

India

  • Feature implementation through individual contributions and providing guidance in terms of organization, process, and design.
  • Collaborating closely with architects, UX, and DevOps to ensure our systems are highly available, scalable, performant, and deliver an amazing user experience.
  • Learning and working with cryptography and security concepts, including PKI and TLS/SSL agreement protocols, authentication, symmetric and asymmetric encryption, and related concepts.

JumpCloud delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. JumpCloud is IT Simplified and empowers IT teams and MSPs to enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.