Job Title: Threat Hunter & (Computer Security Incident Response Team) CSIRT Lead
Experience: 6 Years
Certifications: Threat Hunting & Forensics (preferred)
Location: PAN India
Shift: 24x7
Role Overview
The Threat Hunter & CSIRT Lead is responsible for proactively identifying cyber threats, analyzing threat
intelligence, and supporting incident response activities. This role involves advanced threat hunting,
forensic analysis, and collaboration with SOC and IR teams to strengthen the organization's security
posture. The position requires expertise in threat intelligence, hypothesis-driven hunting, and creating
actionable insights for mitigation and remediation.
Mandatory Skills
Should be able to function as a Threat Hunter or Incident Responder.
Expertise in:
o Cloud environments
o Virtual machines (VMs)
o Containers
o Strong development-focused background.
Key Responsibilities
Threat Hunting & Intelligence
Perform intelligence-driven network defense and proactive threat hunting across all platforms.
Search for hidden cyber threats and risks before attacks occur.
Gather and analyze threat behavior, goals, and methods to identify trends and vulnerabilities.
Develop threat hunting scenarios, hypotheses, and IoC databases.
Stay updated on the latest and most prevalent threats to run effective hunts.
Incident Response & CSIRT Support
Provide threat intelligence support during security incidents.
Deliver logs and forensic data as required by CSIRT and forensic teams.
Collaborate with IR teams for containment and remediation strategies.
Proficiency with AWS products and services, including security concepts such as IAM, CloudTrail,
and GuardDuty, and their integration with tools for automated response.
Analysis & Reporting
Analyze internal risk and security controls to identify weaknesses.
Assess external and internal cyber threats and predict future risks.
Consolidate threat intelligence feeds and sources for actionable insights.
Prepare detailed monthly reports and present threat hunt scenarios to stakeholders and customers.
Process Development & Automation
Create SOPs and process documents for threat hunting operations.
Influence threat mitigation strategies and provide requirements for automation.
Collaboration & Communication
Act as SME for threat hunting and intelligence in SOC.
Coordinate with cross-functional teams for preventive and corrective measures.
Required Skills & Experience
6 years of experience in threat hunting, threat intelligence, and forensic analysis, of which a
minimum of 2 years of AWS experience is preferred.
Strong knowledge of attack vectors, threat actor TTPs, and advanced detection techniques.
Hands-on experience with enterprise security tools:
o ServiceNow
o Azure AD & On-Premises AD
o Defender for Azure AD
o CrowdStrike
o SecurOnix
o Palo Alto
o Okta & Identity Management
o MarkMonitor
o Cloudflare
o AWS Route53
o Entra ID
o Microsoft Purview
Excellent analytical, investigative, and reporting skills.
Preferred Certifications
GIAC Cyber Threat Intelligence (GCTI)
GIAC Certified Forensic Analyst (GCFA)
CompTIA CySA+ or similar