Sr. Consultant - Threat Hunter Job
Hyderabad, TG, IN
Yash Technologies
YASH Technologies is a leading Digital Solution Company for Business IT Solutions. YASH is a Right Sized Technology Partner of Choice. YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.
At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world – and it drives us beyond generational gaps and the disruptions of the future.
We are looking to hire Threat Hunter professionals in the following areas:
Job Title:
SOC Threat Hunter
Position Type:
Full Time
Department/Group:
Cyber Security
Profile Type:
SOC Threat Hunter
Location:
All India locations
Requirement Type:
External
About Yash Technologies
YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences and drive business transformation. Working collaboratively with organizations including SAP, Microsoft, AWS, ServiceNow, Automation Anywhere, and Pega, we help clients realize exceptional value from their technology investments. With outstanding employee engagement and status as a preferred employer, we have been recognized as a "Great Place to Work" 7 years in a row.
Job Description
An experienced Threat Operations Hunter performs intelligence-driven network defense supporting the monitoring and incident response capabilities. The role involves analysis of large amounts of data from vendors and internal sources, including various indicator feeds, SIEM, and several threat hunting tools. Threat Hunters perform the functions of threat operations and hunting, serve as the liaison for Threat Intelligence in the Security Operations Center, and mentor the incident handling, incident response, and forensics teams.
Years of Experience:
4 to 7 years
Role and Responsibilities
- Conduct proactive threat hunting using EDR and SIEM (Sentinel) tools to analyze data for indicators of compromise.
- Develop and test threat hunting hypotheses based on MITRE ATT&CK framework.
- Analyze large data sets to detect unusual patterns and potential threats.
- Propose and implement new queries to improve detection capabilities within SIEM systems.
- Fine-tune existing SIEM (Sentinel) queries to enhance accuracy and broaden the coverage of the threat detection landscape.
- Map active threat attack patterns to the Cyber Kill Chain to better understand and address security risks.
- Create and monitor dashboards based on TTPs to effectively visualize and track threat detections.
- Analyze critical security alerts and incidents to determine severity and potential impact, conducting deeper investigations into suspicious activities.
- Evaluate and correlate security events from multiple sources to identify potential threats, leveraging threat intelligence and contextual information.
- Conduct thorough reviews of security logs from various systems (firewalls, intrusion detection/prevention systems, EDR solutions) to identify anomalies or breaches.
- Perform root cause analysis on security incidents to understand underlying issues and prevent recurrence.
- Create and maintain weekly/monthly reports for all SOC and threat hunting activities.
- Contribute to the refinement of incident response processes, playbooks, and detection mechanisms to enhance overall security posture.
- Provide guidance and mentorship to junior analysts, sharing knowledge on best practices and new threats.
- Adhere strictly to the incident response plan when anomalies are detected, ensuring timely and coordinated responses.
- Provide actionable insights and recommendations to improve the organization's overall security posture.
Requirements
- Any degree and/or certifications in Engineering, Computer Science, or a related field.
- 3+ years of overall technical experience in Threat Hunting, incident response, security operations, or a related information security field.
- Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, and HTTP.
- Excellent analytical and problem-solving skills, and a passion for research and puzzle-solving.
- Expert understanding of large, complex corporate network environments.
- Strong communication (oral, written, presentation), interpersonal, and consultative skills, especially with regard to white papers, briefs, and presentations.
- Scripting experience related to system administration and security operations (Python, PowerShell, SQL).
- Demonstrates a "can do" attitude and is willing to stretch self to achieve and exceed defined goals/targets
- Displays awareness of customers’ stated needs and gives priority to meeting and exceeding customer expectations within stipulated time
- Explains ideas clearly and logically to others and is attentive in interactions
- Identifies the target audience for communication and carefully listens to their opinions and feedback
- Ability to work in Teams
Approved By:
Date:
4 Oct 2024
At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.
Our Hyperlearning workplace is grounded upon four principles:
- Flexible work arrangements, free spirit, and emotional positivity
- Agile self-determination, trust, transparency, and open collaboration
- All support needed for the realization of business goals
- Stable employment with a great atmosphere and an ethical corporate culture