Cyberwatch Analyst ( Threat Hunting )
Cyberwatch Analyst ( Threat Hunting )
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description
Job Identification: L1
Job Date: 29 Jun 2025
Business: INDEC
Department / Function: Infra
Job Title: Cyberwatch Analyst
Grade: M12
Reporting to: Manager
Location: MUMBAI
Span of Control:
Experience Required: 3 - 6 years of experience.
Job Purpose/Summary:
The Cyberwatcher is responsible for proactively searching and identifying cybersecurity threats within the organizations assets.
He will be in contact with the Identify team to obtain information to help him carry out this task but he must also keep a watchful eye to anticipate the hunts. Cyberwatcher will liaise with the React team to ensure that once findings are successful the containment and eradication process can be implemented with his assistance and information. After the incident is closed he will create detailed incident reports and contribute to lessons learned in collaboration with the relevant team. He will also collaborate with the Offensive Security team during purple team exercises to enhance his Threat Hunting campaigns
This role involves creating valuable defense to potential threats to ensure the security and integrity of the organizations digital assets.
Key Responsibilities:
The Cyberwatcher is responsible for:
Maintain expert knowledge of Advanced Persistent Threat (APT) Tools Techniques and Procedures (TTPs) forensics and incident response best practices.
Use threat intelligence and threat models to build threat scenarios.
Prepare and conduct threat-hunting campaigns to check threat scenarios.
Research analyze and correlate a wide range of data sets from any source.
Proactive and iterative research into systems and networks to detect advanced threats.
Reporting risk analysis and threat findings to the relevant stakeholders.
Identify and provide automated alerts for emerging and historically unknown threats.
Co-operate with multiple teams within operations intelligence and engineering to continuously improve security checks and detection performance.
Participate PTXs (purple team exercises) by monitoring new detection capabilities.
Manage reports dashboards metrics for CyberSOC KPIs and presentation to senior management & other stakeholders.
Work closely with key stakeholders in technology application and cybersecurity to develop targeted use cases addressing specific advanced persistent threat (APT) behaviors.
Key Performance Indicators:
The Cyberwatcher is responsible for:
Maintain expert knowledge of Advanced Persistent Threat (APT) Tools Techniques and Procedures (TTPs) forensics and incident response best practices.
Use threat intelligence and threat models to build threat scenarios.
Prepare and conduct threat-hunting campaigns to check threat scenarios.
Research analyze and correlate a wide range of data sets from any source.
Proactive and iterative research into systems and networks to detect advanced threats.
Reporting risk analysis and threat findings to the relevant stakeholders.
Identify and provide automated alerts for emerging and historically unknown threats.
Co-operate with multiple teams within operations intelligence and engineering to continuously improve security checks and detection performance.
Participate PTXs (purple team exercises) by monitoring new detection capabilities.
Manage reports dashboards metrics for CyberSOC KPIs and presentation to senior management & other stakeholders.
Work closely with key stakeholders in technology application and cybersecurity to develop targeted use cases addressing specific advanced persistent threat (APT) behaviors
Qualificaton:
Bachelors degree in Computer Science Information Security EXTC or related field.
Relevant certifications (e.g. CISSP CCSP CompTIA Security) are highly desirable.
Proven experience (3 years) working within the Cybersecurity field with emphasis on Threat Hunting.
Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel Qradar Splunk ArcSight etc.
Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient Phantom etc.
Expertise in network host (Windows and Linux systems) and cloud investigations.
Proficiency in scripting languages such as Python or PowerShell and regular expressions.
Knowledge of data mining and/or machine learning.
Skills in identification of cyber-attack campaigns.
Experienced in hunting for data using tools such as a SIEM.
Capacity to analyze malware extract indicators and create signatures in Yara Snort and IOC.
Robust analytical abilities and the skills to investigate write communicate and inform audiences at different levels including management.
Functional Skills/Competencies:
The Cyberwatcher is responsible for:
Maintain expert knowledge of Advanced Persistent Threat (APT) Tools Techniques and Procedures (TTPs) forensics and incident response best practices.
Use threat intelligence and threat models to build threat scenarios.
Prepare and conduct threat-hunting campaigns to check threat scenarios.
Research analyze and correlate a wide range of data sets from any source.
Proactive and iterative research into systems and networks to detect advanced threats.
Reporting risk analysis and threat findings to the relevant stakeholders.
Identify and provide automated alerts for emerging and historically unknown threats.
Co-operate with multiple teams within operations intelligence and engineering to continuously improve security checks and detection performance.
Participate PTXs (purple team exercises) by monitoring new detection capabilities.
Manage reports dashboards metrics for CyberSOC KPIs and presentation to senior management & other stakeholders.
Work closely with key stakeholders in technology application and cybersecurity to develop targeted use cases addressing specific advanced persistent threat (APT) behaviors
Behavioral Skills/Competencies:
Has a systematic disciplined and analytical approach to problem solving.
Excellent ability to think critically under pressure.
Strong communication skills to convey technical concepts clearly to both technical and non-technical stakeholders.
Willingness to stay updated with evolving cyber threats technologies and industry trends.
Employment Type
Full-time
