Cyber Threat Hunting - Lead Associate at WTW
London, England, United Kingdom
Full Time


Start Date

Immediate

Expiry Date

25 Oct, 25

Salary

180000.0

Posted On

25 Jul, 25

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Health, Retirement Benefits, Critical Illness, Powershell, Collaboration, Incident Response, Scripting Languages, Decision Making, Python, Forensics, Interpersonal Skills, Interpreting, Collaborative Environment, Analytical Skills, Security Incident Response

Industry

Information Technology/IT

Description

THE REQUIREMENTS

  • A detail-oriented professional with a proactive mindset to stay ahead of emerging threats.
  • A team player who thrives in a collaborative environment and can navigate complex challenges effectively.
  • Someone passionate about making a tangible impact on WTW’s cybersecurity resilience.
  • Extensive experience in cyber threat hunting & security incident response in global environments.
  • Strong problem-solving and analytical skills, with the ability to influence stakeholders and drive effective decision-making.
  • Expertise in adversarial tactics, techniques, and procedures (TTPs), the MITRE ATT&CK framework, cyber kill chain, and hacking/post-exploitation tools.
  • Proficiency in interpreting and querying diverse log types (e.g., Windows Event, Web server, Firewall logs) and conducting threat hunts within SIEM and EDR tools.
  • Knowledge of forensic methodologies, open-source tooling, and cloud security, including incident response in cloud environments.
  • Familiarity with scripting languages such as Python, PowerShell, and KQL, with a functional understanding of programming concepts.
  • Industry-recognized certifications in Cyber Incident Response, Forensics, or Malware Analysis are a plus.
  • Strong communication, collaboration, and interpersonal skills to effectively convey security and risk concepts across diverse audiences.

Responsibilities

The Cyber Threat Hunting Lead Associate will provide global threat hunting capability for WTW. Responsibilities of this role will include:

  • Conduct threat-hunting operations to identify and mitigate potential threats before they can impact the organization.
  • Develop and execute hypothesis-driven threat hunting techniques to uncover adversary tactics, techniques, and procedures (TTPs).
  • Analyze security trends and assess their impact on the organization, providing actionable insights to leadership.
  • Execute proactive threat hunts to identify and investigate potential indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and anomalous activities.
  • Analyze threat intelligence to enhance detection and response capabilities and ensure alignment with WTW’s security strategy.
  • Utilize advanced threat hunting tools and techniques, including behavioral analytics, anomaly detection, and threat intelligence integration.
  • Support incident response activities by conducting forensic analysis, identifying root causes, and recommending mitigation strategies.
  • Collaborate with stakeholders across ICSD and other teams to improve threat detection and response processes.
  • Create and maintain documentation, such as threat hunt reports, playbooks, and standard operating procedures (SOPs).
  • Stay updated on emerging threats, vulnerabilities, and cybersecurity trends to continuously refine threat-hunting methodologies.

Note: Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.
