Cybersecurity Specialsit - Threat hunter

Proactively hunt for advanced threats within the network and systems using various tools and techniques

Use both Attack Based Hunting and Data Based Hunting to identify and analyze potential threats

Stay up to date with the emerging threats and the tactics, techniques, and procedures (TTPs) used by threat actors

Use various data transformation techniques to facilitate effective hunting

Dissect and simulate attacks that would help in conceptualizing and executing the hunts

Contribute to the hunting knowledge management i.e., document details about the hunting expeditions, common behaviors, explained anomalies, friendly intelligence, etc.

Collaborate within/outside the team regarding the identified anomalies and develop and implement tactics for the detection and prevention of incidents

Create and maintain custom threat-hunting queries, scripts, and dashboards

Assist in converting successful hunting techniques into automated detection to the extent feasible

Evaluate the hunting evidence sources and identify improvement areas when needed

Perform host-based and network-based analysis to support investigations and incident response

Document, report, and present critical information about the investigation/procedures performed

Actively participate in the establishment of policies and procedures, training of personnel, and maintenance of analysis and hunting toolset

Provide recommendations for improving security posture based on threat-hunting insights

Contribute to and/or participate in Cyber Maturity Assessment activities like purple team exercises, table-top exercises, etc.

Share knowledge and ideas with other team members