This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2-3 days per week from an HPE office.
Who We Are:
Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description:
About our Cybersecurity team:
Are you ready to make an impact at one of the world’s leading tech companies? HPE’s Cybersecurity team is where you can do just that! We’re looking for a dynamic and experienced Senior Advanced Threat Expert to join our Cybersecurity team. If you’re passionate about shaping the future of cybersecurity and ready for your next challenge, we’d love to hear from you.
About the role:
Responsible for defending the enterprise against the most sophisticated and emerging cyber threats. This role requires a visionary approach to threat hunting, detection, and incident response. Drive the development of cutting-edge threat detection capabilities, lead high-impact cybersecurity initiatives, and mentor the next generation of threat hunters. As an industry expert, this individual will influence the organization's overall cybersecurity strategy and play a crucial role in shaping the future of the enterprise's security posture.
The role calls for advanced skills to respond to high-end actor tactics in HPE's threat landscape. HPE has seen a large increase in threats from advanced and nation-state actors, which require very skilled resources to respond to, contain, and investigate their activity. This team also provides ongoing threat hunt capabilities to look for active threats.
About You:
* You will have a deep understanding of various operating systems, including Windows, Linux, and Mac, along with strong expertise in leading complex incident investigations and handling high-profile cases such as Advanced Persistent Threats.
* Your proficiency in Incident Response processes will span from initial triage to deep-dive forensic investigations, utilizing network-based, host-based, memory, and malware forensics.
* Experience in reverse engineering malware is a plus, as is your ability to write complex detection rules (e.g., Sigma, Yara) and provide both short-term and long-term network and system hardening strategies.
* You will be skilled in conducting both structured (IOC-based) and unstructured threat hunts to detect unknown threats, with proven experience using frameworks like MITRE ATT&CK.
* A strong understanding of various threat groups and their TTPs, combined with your experience in Threat Hunting and hypothesizing unstructured hunts, is essential.
* You will have expertise in scripting and programming languages such as Python, Bash, PowerShell, and SQL, and familiarity with SIEM platforms like Splunk, LogScale, and Elastic.
* Automating security tasks and collaborating with multiple stakeholders to advise on advanced threat trends and mitigation strategies will also be part of your responsibilities.
* Familiarity with Purple Teaming and offensive security tools, including in-depth knowledge of Active Directory, will be valuable.
* Experience with AI-driven attack vectors (e.g., Co-pilot) is a plus. You will also have advanced knowledge of cybersecurity laws, regulations, and frameworks such as NIST and ISO 27001, and a proven ability to contribute to security policy development.
* Strong leadership, strategic thinking, and communication skills will allow you to influence senior management, while your research and development efforts will drive innovation in threat detection and mitigation strategies.
You will be responsible for:
* Define and execute the strategic direction for advanced threat hunting, ensuring alignment with the organization's broader cybersecurity strategy.
* Lead the development and implementation of advanced threat detection frameworks, leveraging AI, machine learning, and behavioural analytics.
* Oversee the identification of undetected threats within the enterprise, prioritizing the protection of critical assets and data.
* Lead and coordinate responses to the most severe and complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery.
* Provide executive-level oversight and decision-making during critical incidents, ensuring effective communication with stakeholders and minimizing organizational impact.
* Develop and implement advanced incident response playbooks and scenarios to prepare the organization for emerging threats.
* Stay at the forefront of cybersecurity trends, threats, and technologies, driving innovation within the organization's threat detection and response capabilities.
* Foster a culture of continuous improvement and innovation, encouraging the adoption of new technologies and methodologies within the team.
* Provide regular updates to senior leadership and the board on the threat landscape, incident response activities, and the overall effectiveness of threat-hunting efforts.
* Contribute to the development of the organization's cybersecurity strategy, ensuring that advanced threat detection and response are integral components.
* Develop and maintain key performance indicators (KPIs) to measure the effectiveness of threat-hunting and incident response programs.
* Mentor and provide technical guidance to less experienced cybersecurity professionals.
Education & Experience Requirements:
* Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience.
* 8+ years of experience in cybersecurity, with a significant focus on threat hunting, incident response, and advanced threat detection.
* Proven track record of leading complex cybersecurity initiatives and managing large, diverse teams.
* Deep understanding of advanced persistent threats (APTs), adversary tactics, techniques, and procedures (TTPs), and cybersecurity frameworks (e.g., MITRE ATT&CK).
* Required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent.
Certifications:
* Desired: SANS GCIA, GNFA, GCFA, GREM, GCIH; any Red Teaming/Purple Teaming certifications are a plus.
* Preferred: Certified Chief Information Security Officer (CCISO), GIAC Security Expert (GSE), GIAC Advanced Threat Detection (GATD), or similar advanced certifications.
What We Can Offer You:
Health & Wellbeing
We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.
Personal & Professional Development
We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.
Diversity, Inclusion & Belonging
We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.
HPE is an Equal Employment Opportunity/Veterans/Disabled/LGBT and Affirmative Action employer. We are committed to diversity and building a team that represents a variety of backgrounds, perspectives, and skills. We do not discriminate and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global diverse team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together.
Hewlett Packard Enterprise is EEO F/M/Protected Veteran/Individual with Disabilities.
HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.