Hunt and Incident Response Analyst

Last updated 5 days ago
Location:Tempe, Arizona
Job Type:Full Time

About NortonLifeLock:

NortonLifeLock Inc. (NASDAQ: NLOK) is a global leader in consumer Cyber Safety. NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of its nearly 50 million consumers, providing them with a trusted ally in a complex digital world. For more information, please visit or connect with us on Facebook, Twitter, LinkedIn, Instagram and YouTube.

The Hunt and Incident Response Analyst is an integral part of the Global Cyber Security Team and will be responsible for monitoring, detecting, and responding to security events, incidents and threats.This role ensures that security risks are found, analyzed and triaged using a wide range of information security technologies. In addition, this role will help improve the risk posture of the organization by implementing controls to prevent or mitigate security risks and exposures. Additional responsibilities may be asked as deemed necessary.

Required Competencies:

  • Review, validate, and categorize security events using a variety of information security technologies.

  • Analyze a variety of network and host-based logs to lead security investigations.

  • Thoroughly document security investigations for various stakeholders across the company.

  • Proactive hunting on the network to identify security risks.

  • Make recommendations and/or implement security controls and countermeasures to prevent or mitigate various security risks.

  • In-depth network analysis (pcap), core forensic familiarity, and incident response skills.

  • Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.

  • Ability to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization.

  • Ability to protect all forms of highly confidential and proprietary business information and ability to maintain the highest standards of privacy and security.

  • Ability to follow and abide by all information and security policies and practices.


  • Bachelor’s degree in computer science, Information Assurance, or a related degree or equivalent experience.

  • A minimum of ten (10) years of experience in an Information Security related role.

  • A minimum of five (5) year of experience in a Cyber Defense Operations Center or Security Operations Center.

  • Self-motivated to creatively find and investigate security events.

  • Ability to multi-task and work in fast-paced environment.

An in-depth understanding of:

  • Security tools (IPS, HIPS, Web Proxy, Open Source Intelligence, Packet Captures, Memory Analysis, Syslog, DHCP, AD, 802.1x, NAT, VPN logs, Passive DNS, and SIEM).

  • Well-known networking protocols (HTTP, SSH, FTP, DNS, etc).

  • Windows, Mac, and Linux-based operating systems from both a user-endpoint and server perspective.

  • Common and emerging attack vectors, penetration methods, countermeasures, and remediation methods and implications.

  • Scripting experience preferred in one or more of the following languages: R, Python, Ruby, Perl, BASH, PowerShell.

  • Knowledge of information security industry and regulatory obligations (PCI DSS, SOX404, SOC1/2, ISO 27000-series, NIST Framework, etc.).

  • Industry Certifications preferred: GCIA, GCIH, GCFA, OSCP, etc.

NortonLifeLock is proud to be an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive and accessible environment for all employees. All employment decisions are based on merit, experience, and business needs, without regard to race, color, national origin, age, religion, sex, pregnancy (including childbirth or related medical conditions), genetic information, disability (physical or mental), medical condition, marital status, sexual orientation, gender identity or gender expression, military or veteran status, or any other consideration made unlawful by federal, state, or local law. NortonLifeLock strictly prohibits unlawful discrimination based on such protected characteristics and seeks to recruit the most talented candidates from diverse cultures and backgrounds.

We also consider for employment qualified individuals with arrest and conviction records. In addition, NortonLifeLock will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Learn more about pay transparency.

EEO is the law. Applicants and employees of NortonLifeLock Inc. are protected under Federal law from discrimination. See the EEO poster and supplement.