qcs2026


Threat Hunter Consultant Level

Closing Date: August 1, 2026

Location: Doha, work from office

Department: Cybersecurity / Threat Intelligence 

Reports To: Threat Hunting Lead / SOC Manager 

Job Summary: 

We are seeking a highly skilled and experienced Threat Hunter to proactively detect and respond to advanced threats within enterprise IT, OT, IoT environments. This role focuses on identifying hidden attackers, insider threats, and persistent threats that evade traditional security controls. The ideal candidate will possess strong log analytics, intrusion analysis, and incident handling skills, and will be adept at working with large datasets and threat intelligence to uncover malicious activity. 

Key Responsibilities: 

  • Proactively hunt for hidden threats, including APTs and insider threats, across enterprise networks, endpoints, and cloud environments. 
  • Analyze logs, network traffic, endpoint telemetry, and other data sources to detect anomalies and indicators of compromise (IOCs). 
  • Develop and execute hypothesis-driven threat hunting campaigns.
  • Perform intrusion analysis and reverse engineering of attacker techniques, tactics, and procedures (TTPs). 
  • Collaborate with SOC, Incident Response, and Threat Intelligence teams to validate findings and escalate confirmed threats. 
  • Create and maintain detection rules, scripts, and automation to improve threat visibility. 
  • Document findings, create detailed reports, and present threat hunting outcomes to stakeholders. 
  • Perform threat hunting using packet flows and NDR telemetry.
  • Contribute to the continuous improvement of threat hunting methodologies and frameworks. 

Required Skills & Qualifications: 

  • Experience: 5–8 years in cybersecurity, with at least 3 years in threat hunting, incident response, or intrusion analysis. 

Technical Skills: 

  • Strong proficiency in log analysis using tools like Splunk, ELK Stack, Sentinel, or QRadar.
  • Deep understanding of network protocols, endpoint behavior, and the attack lifecycle (MITRE ATT&CK framework).
  • Experience with SIEMs, NDR (Exabeam, ExtraHop, Vectra), EDRs (e.g., CrowdStrike, SentinelOne, Carbon Black), and threat intelligence platforms.
  • Familiarity with scripting languages (Python, PowerShell, Bash) for automation and data parsing. 
  • Knowledge of cloud environments (AWS, Azure, GCP) and associated threat vectors. 

Soft Skills: 

  • Strong analytical and problem-solving skills. 
  • Excellent communication and documentation abilities. 
  • Ability to work independently and collaboratively in a fast-paced environment.

Preferred Certifications: 

  • GIAC Certified Threat Hunter (GCTH) 
  • GIAC Cyber Threat Intelligence (GCTI) 
  • GIAC Certified Incident Handler (GCIH) 
  • Certified Ethical Hacker (CEH) 
  • CompTIA Cybersecurity Analyst (CySA+) 
  • MITRE ATT&CK Defender (MAD) certifications 

Technologies & Tools: 

  • SIEM: Splunk, ELK, Microsoft Sentinel, QRadar
  • EDR/XDR: CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black
  • NDR: ExtraHop, Vectra, Exabeam, FireEye
  • Threat Intelligence: MISP, ThreatConnect, Recorded Future
  • Scripting: Python, PowerShell, Bash
  • Cloud Security: AWS GuardDuty, Azure Security Center, GCP Security Command Center
  • Other: Wiresha