SOC - Threat Hunter

DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds. The world's largest companies and public sector organizations trust DXC to deploy services to drive new levels of performance, competitiveness, and customer experience across their IT estates.

Role Summary

The Threat Hunter is responsible for proactively identifying advanced threats that evade automated security defenses. By leveraging threat intelligence, hypothesis-driven investigation, and advanced analytical techniques, this role enhances the organization's ability to detect, understand, and respond to sophisticated cyber threats.

Key Responsibilities

Proactive Threat Hunting Actively and iteratively search for hidden or unknown threats that may have bypassed existing security controls.

Threat Intelligence Integration Apply threat intelligence to guide hunting efforts and identify high-risk indicators and attack techniques.

Incident Pattern Analysis Investigate past and ongoing incidents to detect patterns, tactics, techniques, and procedures (TTPs).

Hypothesis Development & Testing Formulate hypotheses based on observed behaviors and intelligence, then test them through data analysis and search queries.

Advanced Tool Utilization Use SIEM, EDR, and other advanced tools to search for anomalies and suspicious activities across customer environments.

Cross-Team Collaboration Work closely with SOC analysts, detection engineers, and incident responders to operationalize hunting findings.

Documentation & Reporting Produce clear reports and discovery write-ups to communicate threat findings and recommended actions.

Continuous Improvement Recommend improvements to threat detection and incident response processes based on insights gained through hunts.

Knowledge Sharing & Training Train and mentor SOC team members on threat hunting techniques and emerging threat trends.

Ongoing Learning Stay current with cybersecurity threat landscape, attacker tradecraft, and evolving threat hunting methodologies.

Key Tasks & Duties

Develop and refine search queries and detection logic in monitoring platforms using intelligence-driven hypotheses.

Identify anomalies and outliers in event data and coordinate with detection engineers to translate findings into actionable detections.

Support incident investigation efforts through coordination with clients and content managers for deeper, on-site investigations if needed.

Provide expert threat impact analysis based on observed adversary behaviors and campaign indicators.

Required Skills & Qualifications

Strong investigative mindset with systems and design thinking capabilities.

Excellent analytical and writing skills for clear documentation and reporting.

Practical knowledge of threat-informed defense frameworks such as MITRE ATT&CK.

Experience in hypothesis development and threat modeling methodologies.

Familiarity with log analysis, endpoint telemetry, and network traffic data.

Preferred Certifications (Nice to Have)

MAD20 – Threat Hunting Specialist

Learn more about DXC's Security team -Security

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf.More information on employment scams is available here .

#J-18808-Ljbffr