Cyber Threat Hunter
Responsibilities
- Build and maintain behavior-based detections that identify adversary activity through sequences, relationships, and deviations across identity, endpoint, cloud, network, and application telemetry.
- Translate attacker techniques, malware behaviors, and adversary tradecraft into testable, explainable, and durable detection logic using a detection-as-code approach.
- Define telemetry, enrichment, and normalization requirements needed to improve signal quality, close coverage gaps, and support scalable detection outcomes in a cloud environment.
- Apply statistical methods, machine learning techniques, and Python-based analytical workflows to develop behavioral models, engineer features, and improve detection precision and operational actionability.
- Validate suspicious behaviors using digital forensics and incident response methods to distinguish malicious activity from benign anomalies, misconfigurations, and expected operational patterns.
- Partner with security operations, incident response, and detection engineering teams to operationalize detections with triage guidance, severity rationale, playbook alignment, and MITRE ATT&CK classification and coverage reporting.
- Use external threat intelligence as prioritization context while ensuring detections are grounded in observable behavior and telemetry within the enterprise environment.
- Responsibilities listed are not intended to be all-inclusive and may be modified as necessary.
Experience you'll need to have:
- 8+ years of experience in detection engineering, proactive threat hunting, digital forensics and incident response, malware analysis, reverse engineering, threat research, red teaming, purple teaming, advanced security operations, or a combination of these domains.
- 8+ years of experience building behavior-based detections across large-scale enterprise telemetry using correlation, sequence analysis, behavioral analytics, and operational detection logic.
- 8+ years of experience using digital forensics and incident response methods across host, identity, cloud, and network investigations to validate suspicious activity and improve detection fidelity.
- 8+ years of experience applying Python for data analysis, automation, feature engineering, and repeatable analytical workflows in cybersecurity use cases.
- 6+ years of experience applying statistical modeling, machine learning methods, or comparable analytical techniques to security telemetry, including baselining, outlier detection, clustering, time-series analysis, behavioral scoring, or graph-based analysis.
- Experience using AI-assisted development tools with validation, testing, reproducibility, and secure coding practices in analytics, automation, or detection development workflows.
- Bachelor's degree or higher in Computer Science, Cybersecurity, Information Security, Engineering, Data Science or related field or equivalent combination of education, related experience and/or military experience.
Experience that would be great to have:
- Experience with Google SecOps or Chronicle detection content development, data modeling, and telemetry analysis.
- Experience integrating security tools through application programming interfaces (APIs) and building internal services, signal pipelines, or workflow automation solutions.
- Familiarity with detection-as-code practices, including Git, continuous integration and continuous delivery (CI/CD), testing, and code review.
Additional Information
Calling all innovators - find your future at Fiserv. We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title: Cyber Threat Hunter

About your role: As a Cyber Threat Hunter, you will serve as a senior individual contributor within Cyber Security Operations, building behavior-based detection capabilities that identify adversary activity before incidents become material. You will turn enterprise telemetry into high-confidence signals and durable detections using inside-out intelligence, data science, and AI-enabled development workflows. You will partner closely with detection engineering, security operations, and incident response teams in a cloud environment, with a primary focus on proactive detection development and signal engineering.