Manager - Threat Hunting

Desired Experience/Exposure : - Minimum 10 years of experience in a technical role in the areas of Security Operations, Cyber Incident Response with extensive experience performing Threat hunting on IT Systems, Network and Endpoints. - With at least 7 years in threat hunting, incident response, or SOC roles. - Proficiency in SIEM platforms (Splunk, Sentinel, QRadar, etc.) XDR and EDR tools (CrowdStrike, Carbon Black, etc.). - Experience with scripting (Python, PowerShell, etc.) and automating threat detection or hunting tasks. - Strong understanding of Windows, Linux, and network protocols. - Familiarity with threat intelligence sources and frameworks (MITRE ATT&CK, Diamond Model, Cyber Kill Chain). - Ability to proactively find cybersecurity threats and mitigate them. - Knowledge about Advanced persistent threats and treat actors, their TTPs. Ability to recognize attack patterns and corelate them with specific threat actors. - Ability to obtain as much information on threat behaviour, goals and methods as possible. - Knowledge of Analytics platforms for carrying out detailed analytics of obtained telemetry. Industry : - Financial Domain (Banking / NBFC experience is desirable) Responsibilities : - Use Various available Security controls and the telemetry data within to conduct proactive threat hunts using a hypothesis-based approach. - Coordinate with various stakeholders to obtain the data as required. - Conduct proactive threat hunting across systems, networks, and endpoints using a variety of tools and data sources. - Analyse large datasets (logs, packet captures, alerts) to identify anomalies, malicious activity, and Indicators of Compromise (IOCs). - Develop and test hunting hypotheses based on threat intelligence, adversary emulation, and red team activities. - Collaborate with SOC analysts, incident responders, and threat intelligence teams to improve detection rules and response strategies. - Create custom detection logic and fine-tune SIEM/EDR alerts. - Provide detailed reports and briefings to stakeholders about findings and mitigation strategies. - Continuously improve hunting methodologies, automation, and use of threat hunting frameworks (e.g., MITRE ATT&CK). - Stay current on emerging threats, vulnerabilities, and cyber-attack techniques. - Identify Risks and Threats based on threat hunts undertaken. - Communicate with Senior Management and other stakeholders about the findings and to take necessary actions. - Work with Security Operations to take the identified anomalies to a conclusion. - Prepare monthly reports on threat hunts and able to showcase ROI of the overall threat hunting program. Certifications : - Security certifications such as GCFA, GCTI, GCIA, OSCP, CEH, or similar. - Experience using threat hunting platforms or custom-built hunting environments. (ref:hirist.tech)

Location: navi-mumbai, IN

Posted Date: 5/9/2025