Share this Job

Principal Analyst, Information Security (Threat Hunter)

Date: Jan 3, 2022

Location: Charlotte, NC, US, 28277

Company: XPO Logistics


Solutions driven success.


XPO is a top ten global provider of transportation services, with a highly integrated network of people, technology and physical assets. At XPO Logistics, we look for employees who like a challenge and can communicate effectively in all situations. We want to leverage your skills and years of experience to drive positive results while ensuring a bright future for yourself and XPO. If you’re looking for a growth opportunity, join us at XPO. 


As the Principal Analyst, Information Security (Threat Hunter), you’ll serve as the lead of the cyber threat hunting functions for the information security team. You’ll be responsible for reviewing threat intelligence to plan and conduct proactive threat hunts throughout the enterprise. This role is critical in positioning XPO for long-term success.


Pay, benefits and more.

We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability and the opportunity to participate in a company incentive plan.


What you’ll do on a typical day:

  • Gather and utilize threat intelligence to lead relevant hunt missions across the enterprise, working directory with the Cybersecurity Operations Center (CSOC) and Digital Forensics & Incident Response (DFIR) teams
  • Analyze threat actor profiles and track threat groups and their associated indicators of compromise and tactics, techniques, and procedures to drive hunting, detection, and prevention efforts
  • Develop and produce reports on threat hunt findings as well as team metrics and key performance indicators
  • Review breaking cyberthreat news and disseminate to appropriate teams to maintain appropriate levels of situational awareness
  • Serve as part of the CIRT (Cyber Incident Response Team), working with other members of the core incident response team and stakeholders throughout the incident response lifecycle

What you need to succeed at XPO:

At a minimum, you’ll need:

  • Bachelor's degree or equivalent related work or military experience
  • Minimum 5 years of related incident response or cyber threat hunting/intelligence experience
  • Knowledge of the corporate cybersecurity threat landscape, cyber threats and vulnerabilities, system and application security threats and vulnerabilities, and tactics and targets of Nation State actors and APTs
  • Experience working with EDR and SIEM technologies, to include custom content creation
  • Familiarity with intrusion detection methodologies and techniques for detecting host and network-based intrusions; incident response and handling methodologies
  • Demonstrated experience with data analysis, documentation and reporting

It’d be great if you also have:

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field, or equivalent work experience
  • GCIH, GCFA, GNFA, GREM, GHTI or other industry-relevant certification(s)
  • Familiarity with Cloud structure and security monitoring capabilities for GCP, AWS, Azure and O365
  • Advanced incident response skills to include host-based forensics, memory forensics, network forensics, packet capture analysis, and static / dynamic malware analysis.  Be part of something big

Be part of something big.


XPO is a leading provider of world-class solutions to the most successful companies in the world. We help our customers manage their goods most efficiently using our technology and services. Our greatest strength is our global team – energetic, innovative people of all experience levels and talents who make XPO a great place to work.


We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.

XPO adheres to CDC, OSHA and state and local requirements regarding COVID safety. All employees and visitors are expected to comply with XPO policies which are in place to safeguard our employees and customers.


All applicants who receive a conditional offer of employment may be required to take and pass a pre-employment drug test.


The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed. Review XPO's candidate privacy statement here. 

Nearest Major Market: Charlotte

Job Segment: Information Security, Corporate Security, Computer Science, Data Analyst, Technology, Security, Data