Job Description

JD:

Threat Hunting capabilities:

>Perform quality threat hunting in identifying and analysing advanced persistent threats (APTs).

>Develop and execute threat hunting based on threat intelligence, behavioural analytics.

>Ability to form hypothesis and execute the same to identify the threats in the environment.

>Understanding (working experience) of on-premises & cloud environments (AWS, Azure, GCP).

>Understanding of how scripts/process work



Situational awareness & collaboration:

>Stay updated on emerging threats, vulnerabilities, and attack vectors.

>Working in collaboration with SOC and incident response teams to action preventive steps to mitigate the threats.



Analysis & detection:

>Query and analyze logs and datasets to identify IOCs and tactics, techniques, and procedures (TTPs).

>Use-case creation in SIEM & relevant technology post threat hunting to generate alerts in case of an event.

>Building of scripts for analysis and queries, and to automate threat detection and reduce false positives.



Reporting & Communication:

>Provide detailed reports and dashboards on threat hunting activities and outcomes.

>Communicate findings and recommendations to technical and non-technical stakeholders.



Other important

>Strong analytical and problem-solving skills.

>Ability to think like an adversary and simulate attack scenarios.

>Excellent communication, reporting and presentation capabilities.