Remote (Global)

Braze is hiring a Senior Hunt & Response Analyst - West Coast

About the Role

Braze is looking for a Senior Hunt & Response Analyst to join the Huntress Global Hunting & Response team. In this dual-mode role, you will spend time proactively hunting for threats by researching attacker tradecraft and testing hypotheses, as well as leading or supporting tactical incident response engagements for customers who use Huntress MDR.

What You'll Do

Perform a cadenced review of hunting data to identify compromises not found during standard SOC workflows.
Research, develop, and test new hunting hypotheses in the form of new detections or analytics.
Lead or support tactical incident response engagements for customers who already utilize Huntress MDR.
Perform live analysis on systems to determine the root cause of an intrusion and craft summary reports with next steps.
Perform intermediate malware analysis as part of hunting and response efforts.
Perform OSINT as part of hunting and response efforts.
Contribute to content creation efforts such as blogs, videos, podcasts, and webinars.
Contribute to community-driven projects and frameworks, such as MITRE ATT&CK, HijackLibs, and the LOLBAS Project.
Speak with customers to explain or summarize findings from investigations.

What We're Looking For

3-5 years working in one or more of the following: SOC, MDR, Threat Hunting, or Incident Response roles.
Experience leading or participating in Incident Response engagements for external customers.
Experience with tools such as osquery, Velociraptor, or leveraging EDRs to perform forensic artifact analysis on systems.
Confident command of forensic tools (e.g., Ericzimmerman’s EZ tools, RegRipper, Hayabusa, Chainsaw) and forensic artifacts (e.g., prefetch, jumplists, shellbags).
Deep understanding of offensive security tradecraft, particularly persistence, lateral movement, credential theft, and remote access.
Confidently able to track threat actors across an organization and timeline the activity.
Strong familiarity with one or more detection languages such as Sigma, Suricata, Snort, or Yara.
Familiarity with OSINT sources and how they can help answer questions relating to threat actor activity and infrastructure.
Strong familiarity with various query languages such as KQL, EQL, ES|QL, Splunk SPL.
Intermediate malware analysis skills.
Intermediate knowledge of Windows internals.
Strong understanding of the current threat landscape, initial access brokers, and ransomware actors.
Passionate and involved with the community through blogs, social media, conferences, etc.
Experience with scripting (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby).
Demonstrable experience providing written and/or verbal customer-facing deliverables.
Experience with detection and response in cloud environments such as Microsoft M365/Azure.
Comfortable using Git to contribute to internal projects.

Nice to Have

Intermediate knowledge of Linux and macOS internals.

Technical Stack

osquery, Velociraptor, EDRs, Ericzimmerman’s EZ tools, RegRipper, Hayabusa, Chainsaw
Sigma, Suricata, Snort, Yara
KQL, EQL, ES|QL, Splunk SPL
PowerShell, Python, Bash, PHP, JavaScript, Ruby
Git, Microsoft M365/Azure

Team & Environment

You will be part of the Huntress Global Hunting & Response team, which sits alongside the 24x7 Security Operations Center team. The team is a skilled group that reviews lower-confidence signals and manages tactical incident response scenarios, reporting to the Senior Manager, Hunt & Response.

Benefits & Compensation

Compensation: $145,000 to $165,000 base salary plus equity via stock options for all full-time employees.
100% remote work environment.
Generous paid time off policy, including vacation, sick time, and paid holidays.
12 weeks of paid parental leave.
Highly competitive and comprehensive medical, dental, and vision benefits plans.
401(k) with a 5% contribution regardless of employee contribution.
Life and Disability insurance plans.
One-time $500 reimbursement for building/upgrading home office.
Annual allowance for education and professional development assistance.
$75 USD/month digital reimbursement.
Access to the BetterUp platform for coaching, personal, and professional growth.

Work Mode

This is a 100% remote position open to candidates in the United States.

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

Required Skills

osqueryVelociraptorEDRSigmaSuricataSnortChainsawHayabusaRegRipperEriczimmerman’s EZ toolsincident responsethreat huntingdigital forensicsSIEMlog analysismalware analysis

Starting a business in Thailand?

Company registration done right

Foreign ownership rules, licenses, tax registration — Thai business setup has many moving parts. SVBL guides you through every step with full legal compliance.

Company registration & structure

Foreign ownership solutions

License & tax registration

BOI promotion eligibility

Start your business

100% foreign ownership possible

About company

Braze is the leading customer engagement platform that empowers brands to Be Absolutely Engaging.™ Braze allows any marketer to collect and take action on any amount of data from any source, so they can creatively engage with customers in real time, across channels from one platform.

Visit website

Job Details

Category security

Posted 4 months ago