Dentons
Join to apply for the
Threat Analyst
role at
Dentons
Dentons US LLP is currently recruiting for a Threat Analyst. The Information Security Threat Analyst is responsible for proactively hunting for threats within client environments, developing and tuning SIEM use cases, and conducting in-depth investigations of security events. The role involves monitoring and operationalizing threat intelligence, engineering automation and SOAR playbooks to streamline detection and response and maintain comprehensive documentation of threat hunting activities. The analyst collaborates with internal teams to enhance security operations, participates in incident response, and continuously adapts to the evolving cyber threat landscape.
Responsibilities
sAnalyze activity trends using a mix of tools and analytical methodologies to hunt for threats not otherwise detected by configured security alerts
.Conduct threat scenario analysis to develop new use cases with relevant attack vectors; develop attack scenarios to formulate hunting strategies to identify threats undetected by existing controls
.Perform in-depth investigation of events of interest identified during hunts or from security alerts as defined investigation and response procedures
.Monitor, triage, and operationalize threat intelligence from commercial, open-source, ISAC/ISAO, and government sources
.Correlate threat intelligence with internal telemetry to identify potential compromise and guide hunts and incident response
.Create and deliver regular threat hunting and threat intelligence reports including hypotheses, datasets, findings, false positives, and detection/response improvements
.Contribute to the tuning and development of SIEM use cases and other security control configurations to enhance threat detection capabilities
.Define and track Security Operations metrics
.Design, develop, and maintain automation and SOAR playbooks to streamline alert triage, enrichment, containment, and notification workflows
.Automate routine operational tasks (e.g., IOC curation, asset/context lookups, quarantine, user suspension) to reduce MTTD/MTTR
.Facilitate vulnerability management by correlating vuln data with exploits-in-the-wild; prioritize remediation based on risk and exposure
.Participate in IR exercises to validate processes and IR capabilities
.Other duties as assigned to fully meet the requirements of the position
Required Qualifications
nsBachelor’s degree/diploma in Computer Science, Information Security, or related fiel
d.Minimum 2 years of experience in Cyber Intelligence or as a Threat Hunter, ideally within a CIRT/SOC; hands-on experience with SIEM content and automation developmen
t.Direct prior experience with core security technologies such as SIEM, vulnerability scanners, anti-virus solutions, and EDR
s.Strong knowledge of threat intelligence and threat hunting, including MITRE ATT&CK, kill chain, hypothesis-driven methods, and IOC lifecycle managemen
t.Demonstrated experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Elastic): data onboarding, parsing, correlation rules, dashboards, and tunin
g.Experience with SOAR platforms (e.g., Splunk SOAR, Microsoft Sentinel automation, Swimlane) and building playbooks for enrichment and respons
e.Strong analytical and investigative skills; knowledge of technical security controls and mitigation
s.Experience with advanced endpoint analytics and EDR tooling (e.g., CrowdStrike, Defender for Endpoint, Sophos
).Good working knowledge of common security threats, industry best practices, and security technologie
s.24x7 on-call availability for high severity incident
s.Knowledge of digital forensics, malware analysis, penetration testing and ethical hackin
g.Proficiency in scripting languages (Python, PowerShell, shell) is a plu
s.Industry certifications are a strong asset (e.g., GIAC, Microsoft SC-200, Splunk Enterprise Security, AWS/Azure security certs
Salary aryChicago Only DOE: $83,850 - $107,
950Washington DC Only DOE: $86,900 - $111,
850 Dentons offers a competitive salary and benefits package including medical, dental, vision, 401k, profit sharing, short-term/long-term disability, life insurance, tuition reimbursement, paid time off, paid holidays and discretionary bonu
Benefits
Medical insurance
Vision insurance
401(k)
Child care support
Paid maternity leave
Paid paternity leave
Tuition assistance
Disability insurance
Dentons US LLP is an Equal Opportunity Employer of Individuals with Disabilities and Protected Veterans. We are an affirmative action employer. Pursuant to local ordinances, we will consider for employment qualified applicants with arrest and conviction records.
#J-18808-Ljbffr
Threat Analyst
role at
Dentons
Dentons US LLP is currently recruiting for a Threat Analyst. The Information Security Threat Analyst is responsible for proactively hunting for threats within client environments, developing and tuning SIEM use cases, and conducting in-depth investigations of security events. The role involves monitoring and operationalizing threat intelligence, engineering automation and SOAR playbooks to streamline detection and response and maintain comprehensive documentation of threat hunting activities. The analyst collaborates with internal teams to enhance security operations, participates in incident response, and continuously adapts to the evolving cyber threat landscape.
Responsibilities
sAnalyze activity trends using a mix of tools and analytical methodologies to hunt for threats not otherwise detected by configured security alerts
.Conduct threat scenario analysis to develop new use cases with relevant attack vectors; develop attack scenarios to formulate hunting strategies to identify threats undetected by existing controls
.Perform in-depth investigation of events of interest identified during hunts or from security alerts as defined investigation and response procedures
.Monitor, triage, and operationalize threat intelligence from commercial, open-source, ISAC/ISAO, and government sources
.Correlate threat intelligence with internal telemetry to identify potential compromise and guide hunts and incident response
.Create and deliver regular threat hunting and threat intelligence reports including hypotheses, datasets, findings, false positives, and detection/response improvements
.Contribute to the tuning and development of SIEM use cases and other security control configurations to enhance threat detection capabilities
.Define and track Security Operations metrics
.Design, develop, and maintain automation and SOAR playbooks to streamline alert triage, enrichment, containment, and notification workflows
.Automate routine operational tasks (e.g., IOC curation, asset/context lookups, quarantine, user suspension) to reduce MTTD/MTTR
.Facilitate vulnerability management by correlating vuln data with exploits-in-the-wild; prioritize remediation based on risk and exposure
.Participate in IR exercises to validate processes and IR capabilities
.Other duties as assigned to fully meet the requirements of the position
Required Qualifications
nsBachelor’s degree/diploma in Computer Science, Information Security, or related fiel
d.Minimum 2 years of experience in Cyber Intelligence or as a Threat Hunter, ideally within a CIRT/SOC; hands-on experience with SIEM content and automation developmen
t.Direct prior experience with core security technologies such as SIEM, vulnerability scanners, anti-virus solutions, and EDR
s.Strong knowledge of threat intelligence and threat hunting, including MITRE ATT&CK, kill chain, hypothesis-driven methods, and IOC lifecycle managemen
t.Demonstrated experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Elastic): data onboarding, parsing, correlation rules, dashboards, and tunin
g.Experience with SOAR platforms (e.g., Splunk SOAR, Microsoft Sentinel automation, Swimlane) and building playbooks for enrichment and respons
e.Strong analytical and investigative skills; knowledge of technical security controls and mitigation
s.Experience with advanced endpoint analytics and EDR tooling (e.g., CrowdStrike, Defender for Endpoint, Sophos
).Good working knowledge of common security threats, industry best practices, and security technologie
s.24x7 on-call availability for high severity incident
s.Knowledge of digital forensics, malware analysis, penetration testing and ethical hackin
g.Proficiency in scripting languages (Python, PowerShell, shell) is a plu
s.Industry certifications are a strong asset (e.g., GIAC, Microsoft SC-200, Splunk Enterprise Security, AWS/Azure security certs
Salary aryChicago Only DOE: $83,850 - $107,
950Washington DC Only DOE: $86,900 - $111,
850 Dentons offers a competitive salary and benefits package including medical, dental, vision, 401k, profit sharing, short-term/long-term disability, life insurance, tuition reimbursement, paid time off, paid holidays and discretionary bonu
Benefits
Medical insurance
Vision insurance
401(k)
Child care support
Paid maternity leave
Paid paternity leave
Tuition assistance
Disability insurance
Dentons US LLP is an Equal Opportunity Employer of Individuals with Disabilities and Protected Veterans. We are an affirmative action employer. Pursuant to local ordinances, we will consider for employment qualified applicants with arrest and conviction records.
#J-18808-Ljbffr