Principal Advanced Threat Response Analyst jobs in United States

Hewlett Packard Enterprise · 1 month ago

Principal Advanced Threat Response Analyst

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. They are seeking a highly experienced Principal Advanced Threat Response Analyst to lead investigations into advanced threats and enhance the organization's cyber defense. The role involves driving threat hunting efforts, leading incident response engagements, and mentoring junior analysts to improve overall security posture.

Data Center, Enterprise Software, Information Technology, IT Management, Network Security

H1B Sponsor Likely

Responsibilities

Lead complex threat investigations involving APTs, ransomware, insider threats, and nation-state activity across enterprise and cloud environments
Drive proactive threat hunting programs focused on emerging TTPs, behavioral analytics, and detection gaps within EDR, SIEM, and network telemetry data
Develop and execute purple team exercises, simulating advanced adversarial tradecraft to assess detection and response capabilities
Collaborate with red teams and offensive security engineers to understand attacker tools, techniques, and procedures (TTPs) at a deep technical level and translate that understanding into effective detections
Perform incident command during major security events — leading multidisciplinary response teams, engaging executive stakeholders, and delivering after-action reports and strategic recommendations
Develop custom detections, playbooks, and automation in Splunk, Sentinel, or other platforms to improve time-to-detect and time-to-contain metrics
Mentor and coach junior analysts, hunters, and incident responders — fostering an environment of continuous learning and operational excellence
Contribute to threat intelligence initiatives, enriching internal intelligence feeds with context from ongoing investigations and external research
Collaborate with engineering and architecture teams to harden security controls across endpoint, network, and cloud layers
Conduct tabletop exercises and technical simulations to validate response readiness and identify process or technology gaps

Qualification

Incident response, Threat hunting, Digital forensics, Threat intelligence, Malware analysis, MITRE ATT&CK framework, Cloud security, SIEM expertise, EDR platforms, Scripting experience, Coaching, Leadership skills, Communication skills, Critical thinking, Creativity

Required

10+ years of experience in cybersecurity roles focused on incident response, threat hunting, digital forensics, threat intelligence, or SOC operations
Proven record of leading end-to-end investigations of advanced threat campaigns (APT) or other complex multi-vector attacks
Strong understanding of MITRE ATT&CK framework, adversary emulation, and kill chain analysis
Demonstrated expertise in both enterprise IT and cloud security (AWS, Azure, GCP) — from defensive and offensive perspectives
Working knowledge of red team / offensive security operations and the ability to deconstruct offensive tools (e.g., Cobalt Strike, Empire, Metasploit, Sliver, Mimikatz, other open-source OffSec tools) to detect their presence and behaviors
Deep knowledge of SIEMs (Splunk, Sentinel, ELK), EDR platforms (CrowdStrike, Carbon Black, Defender ATP), and forensics tools
Strong scripting or automation experience (Python, PowerShell, Bash) for hunting, enrichment, or data manipulation
Ability to design and facilitate purple team exercises and incident response tabletop simulations replicating advanced adversary techniques
Excellent communication and leadership skills; ability to brief executives, collaborate across functions, and guide junior team members
Advanced SANS certifications such as GCFA, GREM, GCIA, GNFA, GCTI, GSEC, or GCIH
Offensive certifications such as OSCP, OSEP, OSED, or CRTO
Recognition from hands-on platforms (e.g., Hack The Box, Cyber Defenders, TryHackMe) demonstrating technical proficiency

Preferred

Cloud security certifications (AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer) are a plus

Benefits

Health & Wellbeing
Personal & Professional Development
Unconditional Inclusion

Company

Hewlett Packard Enterprise

Hewlett Packard Enterprise is an edge-to-cloud company that uses comprehensive solutions to accelerate business outcomes.

H1B Sponsorship

Hewlett Packard Enterprise has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]

Trends of Total Sponsorships (year: count)
2025: 532
2024: 585
2023: 591
2022: 523
2021: 551
2020: 398

Funding

Current Stage
Public Company
Total Funding
$2.85B
Key Investors
Elliott Management Corp.
2025-04-15 · Post-IPO Equity · $1.5B
2024-09-10 · Post-IPO Equity · $1.35B
2015-11-02 · IPO

Leadership Team

Antonio Neri, President & CEO
Fidelma Russo, EVP & GM, Hybrid Cloud and Chief Technology Officer
Company data provided by crunchbase