Threat Management

3 weeks ago


Mumbai, India Riverforest Connections Private Limited Full time

Job Description

- Contribute to the design and execution of complex, hypothesis-based cyber threat hunts, including drafting the hypothesis and producing the final documentation and closure.

- Research and analyse attacker techniques and emulate those attacks in a controlled research environment.

- Maintain current knowledge of attacker TTPs by actively consuming open- and closed-source threat intelligence.

- Collaborate with the SOC and IR teams to investigate major incidents.

- Advise the Cyber Threat Hunt and Cyber Intelligence leadership team on vendors, technologies and special projects, and work with suppliers to ensure that hunt and detection tools are appropriate and correctly configured.

- Engage with industry peers to acquire and share threat-hunting best practices in the sector.

- Collect and analyse threat intelligence reports covering new threats, vulnerabilities, products and research.

- Conduct deep analysis of malware, including how it is developed, how it functions and how it is employed.

- Author threat intelligence reports driven by the security operations team's own incidents, analysis and adversary engagements.

- Evolve monitoring operations by extracting data from threat intelligence and creating new content, signatures and understanding of adversary TTPs.

- Analyse event feeds and collected malware over the long term to identify trends and correlations.

- Investigate the impact on customers to determine whether new detections or compromise notifications are necessary.

- Conduct threat research focused on nation-state, criminal or other malicious activity, drawing on a deep understanding of the APT and threat-actor landscape.

- Hunt for insider threats and external attackers and take appropriate action, using hypothesis-driven hunts to eradicate such incidents in the customer environment.

- Proactively hunt for known adversaries using the MITRE ATT&CK framework.

- Search for hidden threats before an attack unfolds by using behavioural analysis to detect anomalies that indicate a threat.

- Assist the SOC monitoring and IR teams in the analysis and resolution of major incidents.

- Use the threat intelligence gathered to execute threat-hunting campaigns of the following types:

  - threat-indicator-driven hunting;

  - hypothesis-driven hunting;

  - MITRE ATT&CK-driven hunting campaigns.

- Escalate true positives to incident status and assist in the relevant incident response.

- Perform end-to-end threat hunting, developing, maturing and maintaining TTP and attack-pattern detection techniques.

- Perform the full threat-hunting cycle, including recommendations for EDR detection rules.

- Collaborate with the IR team to recommend and apply mitigations for the effects of an incident.

- Perform technical cyber security investigations of security incidents: root cause analysis, deep-dive analysis of malicious artefacts, analysis of threat intelligence, and identification of TTPs and attack patterns.

- Help mature the security incident response process so that it meets the needs of the global business and is adhered to.

- Analyse large and unstructured data sets to identify trends and anomalies indicative of malicious activity.

- As a threat analyst, collect threat data of many types from many sources. Beyond the commonly collected forms of threat data (malicious IPs and domains, vulnerability data), this includes personally identifiable information and information from news and social media sources.

  - Sort, filter and index the raw data, and format and structure it for analysis.

  - Combine the results of several tools and data sources on a per-host basis, then investigate and analyse the combined data.

  - Feed intelligence to all technology stacks that require priority attention for protection.
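The three campaign types above, and the per-host roll-up, can be shown end to end in a few dozen lines. The block below is an added example written for this page, not code from the posting or from Riverforest; the telemetry, the indicator list and the process-lineage baseline are all constructed for illustration (the IP is a TEST-NET-3 documentation address and the host names are fictitious). The ATT&CK technique IDs it references are real.

```python
"""Added example: indicator-driven, hypothesis-driven and behavioural hunts over
constructed endpoint telemetry, combined per host. All data here is made up."""

# Constructed EDR-style telemetry: process-creation and network-connection events.
EVENTS = [
    {"host": "ws-01", "type": "process", "image": "winword.exe", "parent": "explorer.exe",
     "cmdline": "winword.exe invoice.docm"},
    {"host": "ws-01", "type": "process", "image": "powershell.exe", "parent": "winword.exe",
     "cmdline": "powershell -nop -w hidden -enc SQBFAFgA"},
    {"host": "ws-01", "type": "network", "dest": "update-cdn.example", "port": 443},
    {"host": "ws-02", "type": "process", "image": "chrome.exe", "parent": "explorer.exe",
     "cmdline": "chrome.exe"},
    {"host": "ws-02", "type": "network", "dest": "mail.example.com", "port": 443},
    {"host": "srv-01", "type": "process", "image": "rundll32.exe", "parent": "cmd.exe",
     "cmdline": "rundll32.exe C:\\Windows\\System32\\comsvcs.dll MiniDump 624 C:\\temp\\l.dmp full"},
    {"host": "srv-01", "type": "network", "dest": "203.0.113.7", "port": 8080},
]

# 1) Indicator-driven: atomic IOCs from a hypothetical intel report (constructed).
IOCS = {"203.0.113.7", "update-cdn.example"}

# 2) Hypothesis-driven: each hypothesis is a behaviour predicate tied to the
#    MITRE ATT&CK technique it tests for. The technique IDs are real.
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
HYPOTHESES = {
    "T1059.001 Office application spawning PowerShell":
        lambda e: e["type"] == "process" and e["image"] == "powershell.exe"
        and e["parent"] in OFFICE_APPS,
    "T1003.001 LSASS dump via comsvcs.dll MiniDump":
        lambda e: e["type"] == "process" and e["image"] == "rundll32.exe"
        and "minidump" in e["cmdline"].lower(),
}

# 3) Behavioural: parent->child pairs observed across the fleet in a prior clean
#    window (constructed). Anything outside this set is an anomaly to review,
#    not a verdict on its own.
BASELINE_PAIRS = {
    ("explorer.exe", "winword.exe"),
    ("explorer.exe", "chrome.exe"),
    ("services.exe", "svchost.exe"),
}


def hunt_indicators(events, iocs):
    """Indicator-driven hunt: (host, indicator) for every network event hitting an IOC."""
    return [(e["host"], e["dest"]) for e in events
            if e["type"] == "network" and e["dest"] in iocs]


def hunt_hypotheses(events, hypotheses):
    """Hypothesis-driven hunt: (host, technique) for every event a predicate matches."""
    return [(e["host"], name) for e in events
            for name, test in hypotheses.items() if test(e)]


def hunt_behavioral(events, baseline_pairs):
    """Behavioural hunt: (host, 'parent -> child') for process lineage never baselined."""
    return [(e["host"], f"{e['parent']} -> {e['image']}") for e in events
            if e["type"] == "process" and (e["parent"], e["image"]) not in baseline_pairs]


def per_host_rollup(events, iocs, hypotheses, baseline_pairs):
    """Combine the output of all three hunts on a per-host basis."""
    rollup = {e["host"]: {"indicators": [], "techniques": [], "anomalies": []}
              for e in events}
    for host, ioc in hunt_indicators(events, iocs):
        rollup[host]["indicators"].append(ioc)
    for host, technique in hunt_hypotheses(events, hypotheses):
        rollup[host]["techniques"].append(technique)
    for host, lineage in hunt_behavioral(events, baseline_pairs):
        rollup[host]["anomalies"].append(lineage)
    return rollup


def triage_queue(rollup):
    """Hosts ordered by how many independent hunt types fired on them: a host with
    an IOC hit, a technique match and a lineage anomaly outranks one with only an
    anomaly. Ties are broken by host name so the order is stable."""
    return sorted(rollup, key=lambda h: (-sum(bool(v) for v in rollup[h].values()), h))


if __name__ == "__main__":
    findings = per_host_rollup(EVENTS, IOCS, HYPOTHESES, BASELINE_PAIRS)
    for host in triage_queue(findings):
        print(host, findings[host])
```

On the constructed data, ws-01 and srv-01 are flagged by all three hunts and land at the top of the queue, while ws-02 produces nothing. The point of the per-host combination is that the IOC hit alone (a CDN-looking domain on 443) would be weak evidence; the same host showing Office spawning encoded PowerShell, a lineage never seen in the baseline, is what justifies escalating it to incident status.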

 

Education Qualification

Engineering graduate in Computer Science, IT, Telecommunications or a similar discipline

Post-graduation: PGDIT, MCA or MBA

 

Key Skills

- Certification such as CISSP, CISA or CISM

- Ability to handle senior management escalations

- Vendor management skills

- Effective communication

- Proficient team leader

- Strategic skills

- Decision making

- Risk management skills

- Knowledge of the latest cyber security trends and global industry best practices for the financial industry

- Technical working knowledge and understanding of SIEM technology and other security technologies

 


  • Threat Intelligence

    1 week ago


    Mumbai, India Pylon Management Consulting Full time

We are hiring for the role of Threat Intelligence for our reputed client. Experience: 4+ years. Location: Mumbai. Notice period: 30 days or less. Job description for Threat Intelligence: a broad understanding of security concepts; an interest and passion for cyber security; compile cyber threat data collected through independent research and...

  • Threat Hunter

    1 week ago


    Mumbai, Maharashtra, India CoreIT Services Pvt. Ltd. Full time

    1. Position SummaryCore responsibilitiesa. Detect, investigate, and respond to security incidents in a timely and effective manner.b. Stay up-to-date with the latest threat intelligence feeds, trends, and emerging threats. Incorporate threat intelligence into the threat hunting process to enhance detection capabilities.c. Conduct "Hunt Missions" using threat...


  • mumbai, India WTW Full time

    About CompanyWTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...


  • Threat Hunter I

    1 week ago


    Mumbai, India Inspira Enterprise Full time

Job Name: Threat Hunter I (Individual Contributor). Location: Mumbai or Remote (India). Experience required: 5+ years. This role offers you a unique opportunity to continuously stretch your technical skills by hands-on hunting for the latest threat actor techniques, whilst also owning strategic projects that see you working closely...


  • Mumbai, India WTW Full time

    Role: As the L2 Insider Threat Engineer, the primary responsibilities will be: Responsible for implementing, maintaining, and troubleshooting the IRM and DLP technologies, policies and rules used in WTW. Work closely with the L3 Insider Threat Engineering Manager to develop, implement, and refine rules and policies to help prevent data loss and protect...

  • Insider Threat Analyst

    19 hours ago


    mumbai, India WTW Full time

    As the L2 Insider Threat Analyst, the primary responsibilities will be: Perform advanced analysis and investigation of Insider Threat and DLP alerts across the various egress channels in both on premise and cloud environments. Analyse event/alert patterns to properly interpret and prioritise threats with available DLP and IRM tools and other data...

  • SOC & Threat Hunter

    1 week ago


    Mumbai, Maharashtra, India Locuz Enterprise Solutions Full time

We are looking for a SOC Lead & Threat Hunter with good knowledge of Splunk and threat-hunting technologies. Roles & Responsibilities: must have experience in a SIEM management tool (Splunk, QRadar, HP ArcSight); triage specialist, separating the wheat from the chaff; vulnerability management tools such as Tenable, Rapid7, Qualys, Nmap, Burp Suite etc. Experience...


  • Mumbai, Maharashtra, India WTW GLOBAL DELIVERY AND SOLUTIONS INDIA PVT LTD. Full time

    Job Description - L1 Insider Threat AnalystWe are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L1 Insider Threat Analyst. As part of the Cyber Defence department, this role will triage and...


  • mumbai, India WTW Full time

    As the L1 Insider Threat Analyst, the primary responsibilities will be: Perform initial system information analysis and triaging of Insider Threat and DLP alerts across the various egress channels in both on premise and cloud environments. Monitor Insider Threat and DLP alerts using available protection tools to respond, triage, and escalate as...

  • Security Analyst

    2 months ago


    mumbai, India Pravdaa People Pvt Ltd Full time

    Job Responsibilities:- Managing security intelligence and threats.- Overseeing logging and monitoring processes.- Handling vulnerability management and malicious code management.- Operating the Security Service Desk.- Managing security incidents effectively and efficiently.Your responsibilities :- Managing security intelligence and threats.- Overseeing...