Lead, Cyber Defense & Response

Job Title Threat Hunting Lead Job Classification Technology - Information Security Responsibilities Lead proactive threat hunts across enterprise environments (on‑prem and cloud), including Active Directory/Entra, M365, Azure, AWS, endpoints, identity, network, and application telemetry. Develop and refine hunt hypotheses based on emerging threats, adversary TTPs, vulnerability exploitation trends, and internal detections/incident learnings; map activity to frameworks such as MITRE ATT&CK and the Cyber Kill Chain. Execute advanced investigations and log analytics using SIEM/XDR platforms; leverage Splunk SPL and Microsoft KQL to identify suspicious patterns, perform pivoting, and validate attack paths. Operationalize outcomes by translating hunt findings into durable defensive improvements: candidate detections/use‑cases, analytic content, prioritized telemetry gaps, and actionable response guidance for IR/CSOC. Partner with Cyber Threat Intelligence to convert intelligence into environment‑specific hunting plans, tracking, and measurable coverage (e.g., techniques, telemetry sources, and control validations). Partner with Detection Engineering to develop, test, and tune detection logic, including supporting documentation, test cases, and validation against realistic adversary behaviors. Drive visibility and resiliency improvements by identifying logging and data quality deficiencies, prioritizing remediation with stakeholders, and validating that required telemetry is consistently available. Provide technical leadership and coaching to threat hunting staff, including reviewing analytic approaches, promoting repeatable methodologies, and uplifting standards for documentation and knowledge sharing. Communicate clearly to stakeholders by producing concise executive summaries and detailed technical write‑ups, briefing leadership and technical partners on risk, scope, and recommended actions. Support incident response as needed by performing adjacency and scoping hunts during active incidents to prevent under‑scoping and to identify persistence, lateral movement, and follow‑on activity. Contribute to program maturity by improving playbooks, workflows, metrics, and reporting for threat hunting operations (e.g., coverage progress, outcomes, and time‑to‑insight). Qualifications 5+ years of experience in cyber threat hunting, incident response, detection engineering, or security operations in large enterprise environments. Demonstrated experience conducting investigations across endpoint, identity, network, and cloud telemetry in complex environments. Strong proficiency with at least one major SIEM/XDR ecosystem and advanced query authoring; hands‑on experience with Splunk SPL and/or Microsoft KQL strongly preferred. Working knowledge of attacker tradecraft, including credential access, persistence, lateral movement, defense evasion, command‑and‑control, and data exfiltration techniques. Strong understanding of adversarial frameworks including MITRE ATT&CK and Lockheed Martin’s Cyber Kill Chain, and ability to apply them to analytic development and hunting. Experience designing or improving hunt programs, including workflow/process, metrics, reporting, and knowledge management. Industry Standard certifications (one or more), such as: GIAC GCIA, GMON, GX‑IA, GCED, GX‑CX, GCIH, GCFE, GCFA, GEIR, GCFR, GNFA, GCTI, GCTD, GCFR, GCPN, GPEN, GXPN, Microsoft SC‑200, AZ‑500, CompTIA Cybersecurity Analyst (CySA+). Compensation & Benefits Salary range: $123,700.00 to $204,100.00 (based on geographic location, candidate experience, and skills). Yearly bonus potential at every level. Medical, dental, vision, life insurance, and disability insurance. Paid Time Off (PTO), parental, military, and other leaves of absence. 401(k) plan with company match up to 4%. Company‑funded pension plan. Wellness program reimbursement up to $1,600 per year. Work/Life Resources covering parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development. Education Benefit for traditional college enrollment and accredited certificate programs. Employee Stock Purchase Plan with shares at 85% of the lower of two prices after one year of service. Equal Opportunity Employment Prudential is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender identity, genetics, disability, marital status, age, veteran status, domestic partner status, medical condition or any other characteristic protected by law. #J-18808-Ljbffr Prudential Annuities Distributors (PAD)