Senior Support Analyst

Title: Cyber Threat Hunter

 

Manager: Rajesh More

Division:  Security Operations Center

 

Department: IT Security

Background Information:

 

The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm’s information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firm’s polices.

 

The Global Information Security Team is based in Europe, Asia, India and America.

 

Description of IT service:
The candidate will be responsible to detect advanced cyber threats through proactive hunting.

 

 

Duties & Responsibilities:

 

Job Overview:
Responsibilities:

• Perform proactive threat hunting and analysis to identify advanced threats.
• Report on findings, and recommend system-tuning requirements.
• Work with Global Threat Intelligence team to research emerging threats and attacker tactics, techniques and procedures (TTP).
• Develop Threat hunting use cases and simulate to perform control testing for different security products, vulnerabilities etc
• Make recommendations and work with infrastructure and applications teams to remediate Red team findings.
• Play incident responder role during major security incidents to collaborate with IT Security and platform team
• Work with SOC team to strengthen proactive detection capabilities, develop new SOC monitoring use cases.
• Create and report KPIs for threat hunting program for governance and management visibility.

 

Knowledge, Skill, Experience Required:

 

Essential:

• Any Graduate with 5-8 years’ experience of working in IT Security.
• Experience working and querying SIEM tools or other log-based data
• Highly skilled in writing and tuning correlation rules for event detection
• Strong analytical skills and ability to work with very large amounts of network and host based log data using ELK or similar analytics platform.
• Experience in large-scale data analysis of structured and unstructured data-sets
• Deep understanding of cyber security concepts, adversarial and red team methodologies.
• Strong knowledge of network communications, routing protocols, regulatory standards and compliance requirements and common internet applications/standards
• Strong understanding of OS and Web application attacks.
• Experience with MITRE ATT&CK Framework
• Experience with endpoint detection and response solution like CrowdStrike Falcon or Carbon Black
• Excellent written and verbal communication skills
• Experience with Digital Forensics and Static/Dynamic malware analysis

Beneficial:

• Experience with scripting languages, including Python and PowerShell
• Experience with regular expressions
• GCFA, GCFE, GREM, GNFA Certification
• Good Documentation skills

Personal Characteristics:

• Strong communication skills, ability to work comfortably with different regions
• Actively participate within internal project community  
• Good team player, ability to work on a local, regional and global basis and as part of joint cross location initiative.
• Self-motivated, able to work independently and with a team
• Able to perform under pressure.