Threat Hunter
About the job
Details
Contract: Permanent
Schedule: Full-time
Workspace: Hybrid
Description
HD Informática is a company founded by a group of professionals who, aware of the key role of information and communication technologies, offer advanced technology solutions to various industries and global competitors in the IT market, backed by a team of specialists in professional services and application development.
HDI offers its services in strategically chosen areas to help our clients meet their needs, collaborating end to end in a constantly changing world and adapting our options to their daily needs through technological and human drive.
At HDI we are looking for professionals with the following profile:
Job Title: Threat Hunter
Experience Required: 3 to 6 Years
Location: Hybrid - 3 days Work from Partner Office and 2 days WFH. All this in CDMX
Job Type: Full-time
Department: MDR Security Operations Centre (SOC)
Job Summary:
We are seeking an experienced and proactive Threat Hunter to join our team. The ideal candidate will play a critical role in proactively identifying and analyzing advanced threats, zero-day attacks, and anomalous behaviors that evade traditional detection mechanisms. Your expertise will help strengthen our threat detection capabilities and bolster our cyber defense posture.
Key Responsibilities:
• Proactively hunt for and identify threat actor groups and their techniques, tools, and processes.
• Work with the engineering team to transform attacker TTPs into viable, low false-positive
behavioral and signature detection using a variety of techniques including Machine
Learning, with an emphasis on sequential classification and pattern-matching.
• Analyze large datasets (logs, traffic, telemetry) to uncover hidden threats and patterns of
suspicious behavior.
• Collaborate with SOC Analysts, Customer Teams, Incident Response teams, and Threat
Intelligence teams to escalate and respond to findings.
• Create detailed reports, dashboards, and metrics to communicate findings to both
technical and non-technical stakeholders.
• Collaborate in fine-tuning detection use cases, SIEM rules, and automation scripts based
on hunting findings.
• Provide expert analytic and investigative support for large-scale and complex security incidents.
• Continuously improve processes for use across multiple detection sets to enable more efficient operations.
• Document best practices using the available collaboration tools and workspace.
• Communicate potential threats, suspicious/anomalous activity, malware, etc., to the IR team, and act as a point of contact for the customer.
• Perform analysis of security incidents and threat actors to further enhance the Detection Catalog and hunt missions, leveraging the MITRE ATT&CK framework.
• Continuously improve processes for enhancing threat detection; work with data scientists to develop new analytical models for hunting.
• Ability to translate cyber and application security issues into analytical models.
• Support forensic investigations and evidence preservation efforts, ensuring chain of
custody and audit requirements.
• Stay up to date with the latest TTPs, vulnerabilities, and threat actor behaviors through
collaboration with Threat Intel teams.
Required Skills & Experience:
• 3–6 years of experience in cybersecurity, with at least 2+ years in threat hunting or advanced
threat detection roles.
• Ability to work independently or as part of an incident response team in high-pressure
situations.
• Strong understanding of attacker behavior, TTPs, kill chains, and frameworks like MITRE
ATT&CK, Cyber Kill Chain, Diamond Model, etc.
• Proficiency in using SIEM platforms (e.g., ArcSight, Splunk, QRadar, Elastic, Azure Sentinel)
for querying and threat detection.
• Experience analyzing Windows/Linux logs, network traffic (PCAPs), DNS, proxy, firewall,
endpoint telemetry, etc.
• Strong knowledge of Windows/Linux systems, network security, firewalls, and endpoint
protection platforms (EPP/EDR).
• Familiarity with threat intelligence platforms and sector-specific sources (e.g., E-ISAC, OTCERT, CISA advisories).
• Experience with incident triage, malware analysis fundamentals, and vulnerability analysis.
• Familiarity with data science techniques or anomaly detection is a plus.
• Understanding of security frameworks (NIST CSF, ISO 27001, CIS Controls, etc.) is a plus.
Preferred Certifications:
• CEH – Certified Ethical Hacker
• CompTIA Security+
• CySA+ – CompTIA Cybersecurity Analyst
• GCIH – GIAC Certified Incident Handler (preferred)
• CISSP Associate / SSCP, for general security understanding, is a plus.
• ITIL Foundation is a plus.
Education:
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related
field (or equivalent practical experience).
Preferred Traits:
• Curiosity-driven, detail-oriented, and committed to continuous improvement.
• Ability to handle ambiguity, think creatively, and solve complex security challenges.
• Excellent verbal and written communication skills.
• Calm under pressure, especially during high-impact incidents.
• Familiarity with ticketing and case management platforms (e.g., ServiceNow, Jira).
• Team player with a proactive mindset and passion for defending against cyber threats.
• Exposure to working with MSSPs, MDR providers, or multi-tenant SOCs is a plus.
• Experience supporting enterprise clients in regulated sectors (e.g., BFSI, Energy, Healthcare) is a plus.
ID: 20598159