Cyber Security Operations, Threat Hunter

**WPP** is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities.**

**Working at WPP means being part of a global network of more than 115,000 accomplished people in 110 countries. WPP has headquarters in New York, London and Singapore and a corporate presence in major markets worldwide.**

**We create transformative ideas and outcomes for our clients through an integrated offer of communications, experience, commerce, and technology.**

**WPP and our award-winning agencies work with most of the world's biggest companies and organisations - from Ford, Unilever and P&G to Google, HSBC, and the UN. Our clients include 61 of the FTSE 100, 307 of the Fortune Global 500, all 30 of the Dow Jones 30 and 62 of the NASDAQ 100. WPP are the leader in the Bloomberg Gender Equality Index and 20th in the FTSE 100 rankings for Women on Boards.**

**WPP is the transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities.**

**Working at WPP means being part of a global network of more than 100,000 accomplished people in 110 countries. We create transformative ideas and outcomes for its clients through an integrated offer of communications, experience, commerce, and technology. WPP and our award-winning agencies work with most of the world's biggest companies and organisations - from Ford, Unilever and P&G to Google, HSBC, and the UN. Our clients include 61 of the FTSE 100, 325 of the Fortune Global 500, all 30 of the Dow Jones 30 and 62 of the NASDAQ 100.**

**WPP has headquarters in New York, London and Singapore and a corporate presence in major markets worldwide. We are quoted on the London Stock Exchange and the New York Stock Exchange. **Key performance indicators** for WPP (2020) include Billings of £46.9bn and Revenue of £12bn.**

**#LI-Hybrid**

**Visit our LinkedIn page to see what we're up to**

**Why we're hiring**:
The Cyber Security Threat Hunter will work alongside the Cyber Threat Intelligence team and others within Security Operations. You will maintain a clear understanding of the threat landscape, including detailed knowledge of threat actor groups. You will manage the complete cyber threat hunting lifecycle and ensure that this is appropriately integrated into relevant processes and tools as applicable.

You will perform activities and analysis across the estate with a view to understanding the motivations, tactics, techniques and procedures used by threat actors towards the organization and produce accurate documentation on findings to prioritize remediation activity.

The Threat Hunter role will be driving both proactive and reactive cyber-Threat Hunts within the network perimeter, and also performing external hunts to create hypotheses about potential threats and where cyber-attacks are likely to hit.

**What you'll be doing**:

- Searching for Cyber threats and risks inside the network, sharing findings with the wider SOC team to ensure containment and helping to prepare future defensive strategies.
- Searching for ongoing malicious events and activities within the network, with a goal of detecting an in-progress cyber-attack.
- Providing analysis to feed into the overall security posture, help with supporting activities to further increase defenses, harden potential attack surfaces and implement better protection mechanisms.
- Assist in supporting breach investigations, providing the wider Operational Security team with key information to quickly respond to threats.

**What you'll need**:
**Qualification Requirements**:

- Certifications in security (i.e. GCFA, GCFE, GCIH) desirable but not necessary.
- Degree or equivalent in relevant security field desirable but not necessary.
- 3+ Years of Cyber Security Operations experience.

**Skills / Experience Requirements**:

- Experience with Threat Hunting techniques on both endpoints and network data.
- Experience with common attack vectors and offensive tools and tactics.
- Must be able to analyze intelligence from internal data as well as publicly available sources.
- Understanding of data analytics tools and techniques.
- Understanding of common malware types, their behaviors and common infection vectors.
- Ability to identify attacker TTPs (Tactics, Techniques and Procedures).
- Ability to identify signs of malicious activity from memory dumps, logs and packet captures.
- Ability to document findings into reports that can be understood across all levels of the organization.
- Strong presentation and communication skills.

**Who you are**:
**You're open**_:_** **We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are accepting of new ideas, new partnerships, new ways of working.

**You're optimistic**_:_** We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our c