Threat Hunter
Job Summary
Job Title: Threat Hunter
Location: Chennai
Experience: 510 Years
Employment Type: Full-Time
Notice Period: Immediate Joiners or Up to 15 Days
About the Role
We are seeking an experienced Threat Hunter to proactively identify investigate and mitigate advanced cyber threats across enterprise environments. The ideal candidate will have extensive experience in threat hunting incident response malware analysis and cyber threat intelligence with the ability to detect sophisticated attacks before they impact business operations.
Key Responsibilities
- Conduct proactive threat hunting across enterprise networks endpoints cloud platforms and hybrid environments.
- Identify Indicators of Compromise (IOCs) Indicators of Attack (IOAs) and suspicious behaviors using advanced detection techniques.
- Analyze security telemetry from SIEM EDR/XDR network and cloud security platforms to uncover hidden threats.
- Investigate advanced persistent threats (APTs) ransomware insider threats phishing campaigns and zero-day attacks.
- Develop and execute hypothesis-driven threat hunting methodologies based on threat intelligence and the MITRE ATT&CK framework.
- Perform malware analysis forensic investigations and root cause analysis for security incidents.
- Create custom detection rules use cases queries and analytics for threat detection platforms.
- Collaborate with SOC Incident Response Digital Forensics and Security Engineering teams to improve detection capabilities.
- Integrate threat intelligence feeds into security monitoring platforms and enhance detection logic.
- Automate repetitive threat hunting tasks using scripting and security automation tools.
- Prepare detailed investigation reports executive summaries and remediation recommendations.
- Stay updated with emerging cyber threats attacker tactics techniques and procedures (TTPs).
Technical Skills
Mandatory Skills
- Threat Hunting
- Cyber Threat Intelligence (CTI)
- Incident Response
- Digital Forensics
- Malware Analysis
- Endpoint Detection & Response (EDR)
- Extended Detection & Response (XDR)
- SIEM Platforms (Microsoft Sentinel Splunk IBM QRadar ArcSight)
- Microsoft Defender XDR
- CrowdStrike Falcon
- Microsoft Defender for Endpoint
- MITRE ATT&CK Framework
- IOC & IOA Analysis
- Network Traffic Analysis
- Windows Linux & Active Directory Security
- PowerShell
- Python
- Kusto Query Language (KQL)
- Log Analysis
- Network Protocols (TCP/IP DNS HTTP SMTP)
Good to Have
- Microsoft Sentinel
- Microsoft Defender Suite
- CrowdStrike Falcon
- Palo Alto Cortex XDR
- Microsoft Entra ID
- AWS Security
- Azure Security
- Google Cloud Security
- YARA Rules
- Sigma Rules
- Suricata
- Zeek
- Wireshark
- Microsoft Security Copilot
- SOAR Platforms
- Threat Intelligence Platforms (MISP Recorded Future Anomali)
Required Qualifications
- Bachelors degree in Computer Science Information Technology Cybersecurity or a related field.
- 510 years of experience in Cybersecurity Threat Hunting SOC Operations or Incident Response.
- Strong experience with SIEM EDR/XDR threat intelligence and endpoint security solutions.
- Hands-on experience in investigating complex cyber attacks and advanced threat actors.
- Strong knowledge of enterprise security architecture operating systems networking and cloud security.
- Experience creating custom threat hunting queries and detection rules.
- Excellent analytical investigative and problem-solving skills.
- Strong communication documentation and presentation skills.
Preferred Certifications
- GIAC Certified Threat Intelligence (GCTI)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- CompTIA CySA
- CompTIA Security
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
- Splunk Certified Cybersecurity Defense Analyst
- CrowdStrike Falcon Administrator Certification (Preferred)
Soft Skills
- Strong analytical and investigative mindset.
- Excellent communication and report-writing skills.
- Ability to work under pressure during high-severity security incidents.
- Strong collaboration and stakeholder management skills.
- Self-motivated with a passion for continuous learning and emerging cyber threats.
- Ability to mentor junior analysts and contribute to improving SOC maturity.