Threat Hunter

Job Description

Auto req ID: 203171BR

Job Description

Imagine when YOUR “Creative Solutions” MEETS OUR Thirst for Innovation

At PepsiCo, it takes a global team to solve some of the most complex problems. And our InfoSec group is no exception! From Plano to Poland - we have a collaborative team comprised of two structures, a Center of Excellence, and a Consultancy, that are consistently innovating and supporting one another across borders.

As a Threat Hunter, you will be a key member of the Threat Detection Operations team within PepsiCo’s Cyber Fusion Center. You will be responsible for turning threat intelligence into actionable alerts. Your goal is to identify threat actor activity as quickly as possible and convey your findings to the Incident Response team for remediation, working together to minimize attacker dwell time. Your success will require more than just looking for known Indicators of Compromise. To excel in this role, you will need to seek out the Tactics, Techniques and Procedures used to infiltrate networks.

Your Job Duties will include:

  • Executing hunt missions guided by threat intelligence, analysis of anomalous log data, and/or team brainstorming sessions with the goal of identifying threat actors in PepsiCo’s networks.
  • Identifying the best means for detecting threat actor activities.
  • Organizing detections in the framework of MITRE ATT&CK.
  • Analysis of network packet captures DNS query logs, proxy logs, Netflow, as well as other logs from applications and operating systems.
  • Reviewing alerts generated by detection infrastructure for false positives and improve alerts as needed.

Qualifications/Requirements

  • Bachelor’s degree in Information Technology, related disciplines or equivalent work experience
  • Relevant Technical Security Certifications (such as from GIAC, EC-Council, Offensive Security, etc.)

Experience (required):

  • 6+ years overall IT Infrastructure experience
  • 3+ years of recent experience in a technical security role (such as in a SOC, Incident Response team, Malware Analysis, IDS/IPS Analysis, etc.)

Experience (desired):

  • Deploying and configuring information technology systems in a corporate environment
  • Using and maintaining a SIEM (Security Information & Event Monitoring) solution such as ArcSight, Elasticsearch, LogRhythm, NetWitness, QRadar, or Splunk
  • Tuning a NIDS (Network Intrusion Detection System) such as Snort or Zeek or Suricata or their commercial equivalents
  • Performing forensic analysis to identify the source of malicious activity
  • Developing Software using Agile methodologies
  • Penetration Testing or Red Team work

Skills:

  • Thinking like an attacker
  • Automating simple tasks with one or more common scripting languages (Python, Powershell, PERL, etc)
  • Able to craft regular expressions that will filter data down to exactly what you want and nothing you don’t want.
  • Familiarity with installing and managing both Linux/UNIX & Windows operating systems
  • Understanding the TCP/IP networking stack & network technologies
  • Working knowledge of full packet capture /PCAP analysis and accompanying tools (Wireshark, etc.)
  • Able to navigate and explain Active Directory and Group Policy
  • Knowledgeable in several of the following subjects:
  • APT/crimeware ecosystems
  • Cloud infrastructure monitoring
  • Data analytics/science
  • IT architecture & infrastructure design
  • Log management/SIEM
  • Malware analysis & reverse engineering
  • Red Team/Penetration testing
  • Scripting & automation
  • Security engineering
  • Software vulnerabilities & exploitation
  • Comfortable working with a diverse and global team of security professionals

Relocation Eligible: Not Eligible for Relocation
Job Type: Regular


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement