DP- Trishul Senior Threat Intelligence Analyst (L3) would work closely with the SOC team and be responsible for incident detection, triage, analysis and response.
Good experience in Threat Hunting and Threat Intelligence.
Proactively lead and support the incident response team during an incident.
Hands-on experience with implementation, configuration and management of SIEM tools (QRadar, Splunk, or similar), including log source integrations, building custom parsers, and fine-tuning and optimizing correlation rules and use cases, is a MUST.
Proven experience with Security Information and Event Management (SIEM) tools like QRadar, Azure Sentinel, etc.
Good experience working with EDR solutions like MS Defender.
Develop into the company expert on tracking the most advanced groups we encounter.
Provide threat context and integration support to multiple Threat Intelligence sources.
Maintain expert knowledge of advanced persistent threats' tools, techniques, and procedures (TTPs) as well as forensics and incident response practices.
Analyze technical data to extract attacker TTPs, identify unique attributes of malware, map attacker infrastructure, and pivot to related threat data.
Identify and hunt for emerging threat activity across all internal/external sources.
Establish standards, taxonomy, and processes for threat modeling and integration.
Perform threat research and analysis during high-severity cyber-attacks impacting the customer.
Identify quick defense techniques till permanent resolution.
Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
Review incidents escalated by Level 2 analysts.
Launch and track investigations to resolution.
Recognize attacks based on their signatures and differentiate false positives from true intrusion attempts.
Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate.
Identify the gaps in the security environment and suggest the gap closure.
Drive and support Change Management.
Perform and review tasks as identified in a daily task list.
Report generation and trend analysis.
Front-ending the governance meeting with the customer and walkthrough of the sec.
Job Requirements: Cyber Threat Intelligence ThreatQ, Security Incident and Event Management, Threat Modeling Report
Job Type
Full Time
Location
PUNE
Mandatory Skills