DFI/Threat Hunter Lead

This job is with Kyndryl, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.The Role Are you passionate about protecting companies from cyber threats? Do you want to be part of a team that safeguards the digital assets of cutting-edge organizations? Look no further - Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Technical Specialists.As a Cybersecurity Specialist, you will be at the forefront of protecting Kyndryl's customers' computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. You will use a variety of tools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches.But that's not all - at Kyndryl, you will also have the opportunity to implement new cybersecurity systems and policies to ensure the protection of our customers' data and assets. You will monitor and review potential threats from various cybersecurity systems and conduct proof-of-concepts (POCs) with new cyber security software to evaluate its effectiveness and potential integration into the organization's systems.Not only will you be responsible for ensuring the security of Kyndryl's customers' network and systems, but you will also enrich the organization's knowledge towards potential cyber threats and best practices. You will provide automation scripts for threat hunting in customer environments using lessons learned from Cyber-attacks.You will also have the opportunity to conduct penetration testing and threat and vulnerability assessments of applications, operating systems, and networks, responding to cybersecurity breaches and identifying intrusions. You will research and evaluate cybersecurity threats and perform root cause analysis, all while assisting in the creation and implementation of security solutions.Additionally, you will have the opportunity to work in the area of security innovation, creating and experimenting with "outside the box" ideas that could change the trajectory of cyber security.This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join Kyndryl's cybersecurity teamYour Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Skills and Experience: Having 7+years of Experience in DFI/Threat Hunter Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain modelsGuide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threatsValidate and refine threat intelligence to ensure it is actionable and relevantTranslate hunting outcomes into detection logic and use cases for SIEM and SOAR platformsCollaborate with content developers to build and tune correlation rules and analyticsIdentify gaps in visibility and recommend improvements to logging and telemetry coverageEscalate confirmed findings to L3 incident response teams with detailed evidence and RCARecommend preventive and detective countermeasures (e.g., policy changes, new rules)Support RCA documentation and post-incident reviewsPerform forensic acquisition and analysis of endpoints, servers, and cloud workloads involved in security incidentsExtract and preserve digital evidence in accordance with legal and compliance standards.Preferred Skills and Experience: Conduct timeline analysis, memory forensics, and disk image reviews to reconstruct attacker activityDeliver weekly/monthly reports on threat hunting activities, findings, and trendsParticipate in governance forums and contribute to executive dashboardsEnsure alignment with SLA/KPI metrics and compliance requirementsMentor junior threat hunters and analysts on hypothesis building, investigation techniques, and tool usageConduct knowledge-sharing sessions and contribute to skills development plansCoordinate with CTI, SOC, and engineering teams to align hunting with broader security goalsBeing You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employeelearning programsgive you access to the best learning in the industry to receive certifications,including Microsoft,Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.Get Referred If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.