The candidate will support threat hunting operations across the organization's enterprise infrastructure, proactively identifying and mitigating security threats through advanced data analysis, threat modeling, and response strategies.
Key Responsibilities
- Perform proactive threat hunting activities using a wide range of data sources and security tools.
- Analyze and correlate logs, alerts, and anomalies using platforms like Splunk, SQL, and other query languages.
- Collaborate with Red and Blue teams to simulate and defend against advanced threat actor tactics, techniques, and procedures (TTPs).
- Design, implement, and manage infrastructure to support Hunt Team operations.
- Research, engineer, and support information security systems aligned with business and technical requirements.
- Develop and enforce security standards, procedures, and guidelines across multi-platform environments.
- Identify, analyze, and interpret threat indicators and translate them into actionable detection strategies.
- Utilize SIEM, IDS/IPS, and endpoint security tools to monitor and detect potential intrusions.
- Perform log normalization, automation, and big data correlation for detecting anomalous activities.
- Manage incident and change tickets in ServiceNow, following escalation procedures and adhering to SLAs.
- Maintain documentation within a knowledge base and contribute to process improvement.
- Conduct security monitoring and alert tuning for cloud environments (AWS, Azure).
Required Skills and Experience
- 5 to 8 years of hands-on threat hunting experience.
- Proficient with SIEM tools (e.g., Splunk), SQL, IDS/IPS, and endpoint security solutions.
- Experience in both offensive (Red team) and defensive (Blue team) operations.
- Strong understanding of attacker mindset, TTPs, and threat intelligence frameworks.
- Capability to design and implement detection logic based on threat actor behavior.
- Familiar with cloud platforms: AWS and Azure security architecture and monitoring.
- Scripting and log automation using big data tools or custom hunt frameworks.
- Hands-on experience in incident response workflows, ticketing systems (e.g., ServiceNow), and escalation processes.
Preferred Traits
- Strong analytical mindset and attention to detail.
- Effective communicator across technical and non-technical audiences.
- Ability to work autonomously and prioritize in a fast-paced security environment.
- Committed to continuous improvement and to keeping threat knowledge current.