Cyber Threat Hunter

Recruitment process for this position and onboarding trainings are conducted online.


What do you need to start?

  • 5+ years working in Cyber Security
  • Bachelor’s degree in related discipline such as computer security, computer science, computer engineering or information technology.
  • Experience with securing and hardening IT infrastructure
  • Demonstrated or advanced experience with computer networking and operating systems
  • Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
  •  Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell + Skilled working with extremely large data sets to answer complex and ambiguous questions, using tools and languages like SQL, KQL, Python, Splunk, and PowerBI
  • Deep and practical OS security/internals knowledge for Linux and Windows.
  • Experience with any of major SIEM solutions such as Splunk, QRadar, Sentinel
  • Participate in after hours on-call rotation when required

It’s not essential, but we appreciate if you also have:

  • One of desire certificates: OSCP Certification, CISSP, SANS GCTI, CCSP, GCFA, GCFE, GREM, GNFA


What duties will help you grow?

  • Creating detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate team
  • Providing simple and reusable hunt tactics and techniques to a team of security engineers, SIEM specialists, and SOC analysts
  • Coordinating and driving efforts among multiple business units during response activities and post-mortem


What your development path can look like?

  • Plan and execute proactive adversary hunt for malicious activity using myriad log sources, network- and host-based tools, and threat intelligence to identify the threat actors and their tools and techniques.
  • Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in the network and in the host as necessary
  • Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)
  • Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs
  • Proactive research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property
  • Lead and mentor other staff members on incident response, analysis and tools
  • Expectation to learn new tools and techniques every day.
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
  • Good reporting and documentation skill


What have we prepared for you?

Space where you can develop yourself: 

  • Development programs, external courses, education & certificates co-funding, NEXT platform with free access to Pluralsight, TED talks, Coursera materials, and virtual trainings: e.g. MS Azure, AWS, Google or ServiceNow. 

Our legendary atmosphere: 

  • We don’t have a rigid dress code, but what we do have are awesome communities and world– changing initiatives like Grant Program. We are a big company with unique atmosphere – we make friendships, share important moments, and simply… like each other!

A lot of benefits:

  • Home office: it’s your choice when you want to work from home. 
  • Private medical care which can be extended by a package of dental services purchased on preferential terms. 
  • Private life insurance which can be extended by oncology package purchased on preferential terms.
  • Referral bonuses for recommending your friends to Capgemini.
  • Access to Inspiro Audiobooks & Nais (cinema tickets, Multisport and more).
  • Offices in great locations, car leasing program, carpooling options and bicycle parking. 


Who are we?

Capgemini is a global leader in consulting, technology services and digital transformation. Our scope is wide. One of the teams is Projects & Consulting – part of a business unit called Cloud Infrastructure Services. 
Our employees say that in P&C team they are surrounded by awesome teammates who are ready to help professionally or just to drink a coffee with – no matter if it’s in person or virtually. You can count on your managers, willing to advise you, support you and give you a constructive feedback. There is a plenty of space to develop yourself, gain knowledge and exchange it for yours in a term of mutual partnership. 
Do you want to get to know us better? Watch a video:
Do you have any additional questions about our job offers? Check our Instagram (@capgeminipl) or visit our Facebook profile (Capgemini Polska).





Poziom doświadczenia:

Experienced Professional

Typ zatrudnienia:

Stałe zatrudnienie, pełny etat


Any Poland Base

Business units:

Cloud Infrastructure Services