SOC & Threat Hunter

3 days ago


Mumbai, Maharashtra, India Locuz Enterprise Solutions Full time

**We are looking for a SOC Lead & Threat Hunter with good knowledge of Splunk and threat hunting technologies.**

**Roles & Responsibilities**:
- Must have experience with at least one SIEM management tool: **Splunk**, QRadar, HP ArcSight.
- Triage specialist: separating the wheat from the chaff.
- **Vulnerability management tools such as Tenable, Rapid7, Qualys, Nmap, Burp Suite, etc.**
- **Experience conducting VA/PT of infrastructure and web application assessments.**
- **Behavioral anomaly detection to identify emerging threats.**
- **Investigations & forensics: investigate suspicious activity, then contain and mitigate it.**
- **Cyber Kill Chain and MITRE ATT&CK matrix mapping, and proactive hunting.**
- **Threat hunting, attack identification, investigation, correlation and suggesting mitigation measures.**
- Deep investigations/CSIRT, mitigation and recommending changes; a more advanced SME in cybersecurity.
- Experienced security analyst who understands the more advanced features of security tools, with a thorough understanding of networking and platform architecture (routers, switches, firewalls, security) and the ability to dig through and understand various logs (network, firewall, proxy, application, etc.).
- Good to have any of the following certifications: ITIL, CCNA, CEH, etc.
- Process and procedure adherence.
- Tier 2 Security Analyst: addresses real security incidents.
- Evaluates incidents identified by Tier 1 analysts. Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack.
- Analyzes running processes and configurations on affected systems.
- Carries out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted. Creates and implements a strategy for containment and recovery.
- Acts as a point of escalation for Level 1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.
- Should have experience developing new correlation rules and writing parsers for log source integration.
- Acts as the lead coordinator for individual information security incidents.
- Documents incidents from initial detection through final resolution.
- Participates in security incident management and vulnerability management processes.
- Coordinates with IT teams on escalations, tracking, performance issues, and outages.
- Communicates effectively with customers, teammates, and management.
- Prepares monthly executive summary reports for managed clients and continuously improves their content and presentation.
- Provides recommendations on tuning and optimization of security systems and of SOC security processes, procedures and policies.
- Defines, creates and maintains SIEM correlation rules, customer build documents, and security processes and procedures.
- Follows ITIL practices for incident, problem and change management.
- Stays up to date with emerging security threats, including applicable regulatory security requirements.
- Maintains an inventory of the procedures used by the SOC, regularly evaluates them, and adds, removes, and updates procedures as appropriate.
- Publishes weekly reports to applicable teams.
- Generates monthly reports on SOC activity.
- Skills in deception technology, EPP, EDR, and IPS/IDS are desirable.
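The responsibilities above ask the analyst to use IOCs to "pinpoint affected systems and the extent of the attack" and to write parsers for log sources. As an added example (not part of the posting and not Locuz code), the Python below does exactly that sweep: it parses key=value proxy/DNS log lines, matches the domain, IP and hash fields against an IOC set, and reports which hosts touched which indicators and over what time window, flagging indicators shared by several hosts. The log format, field names, host names and IOC values are all constructed for illustration and are assumptions, not real telemetry or threat intel.

```python
"""IOC sweep over proxy/DNS log lines: which hosts are affected, and how widely.

Added example; not from the job posting. Log lines, IOC values and field names
are constructed for illustration.
"""
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed IOC set (illustrative values, not real threat intelligence).
IOCS = {
    "domain": {"update-cdn-status.example", "files.bad-dropper.example"},
    "ipv4": {"203.0.113.57"},
    "sha256": {"deadbeef" * 8},
}

# Assumed mapping of key=value field names to the IOC type they carry.
FIELD_TYPES = {
    "dst_host": "domain",   # proxy: requested hostname
    "query": "domain",      # DNS: queried name
    "dst": "ipv4",          # proxy/firewall: destination IP
    "sha256": "sha256",     # proxy/EDR: hash of downloaded file
}

# Constructed sample log lines (proxy and DNS events), not real telemetry.
SAMPLE_LOGS = [
    "2024-03-04T10:15:22Z src_host=WS-0142 src=10.20.1.42 dst=203.0.113.57 dst_host=update-cdn-status.example action=allowed",
    "2024-03-04T10:15:25Z src_host=WS-0142 src=10.20.1.42 dst=198.51.100.8 dst_host=intranet.corp.example action=allowed",
    "2024-03-04T10:41:03Z src_host=WS-0177 src=10.20.1.77 query=update-cdn-status.example rcode=NOERROR",
    "2024-03-04T11:02:47Z src_host=SRV-FS01 src=10.20.5.10 dst=192.0.2.10 dst_host=files.bad-dropper.example action=blocked sha256=" + "deadbeef" * 8,
    "2024-03-04T11:30:00Z src_host=WS-0142 src=10.20.1.42 dst=203.0.113.57 dst_host=update-cdn-status.example action=allowed",
    "this line is not key=value and must be skipped",
]

TS_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})Z\s")
KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Return (timestamp, fields) or None for lines that do not fit the format."""
    m = TS_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
    fields = dict(KV_RE.findall(line[m.end():]))
    if "src_host" not in fields:  # no host to attribute the event to
        return None
    return ts, fields


def match_iocs(fields, iocs=IOCS):
    """All (ioc_type, value) pairs in one event that appear in the IOC set."""
    hits = []
    for field, ioc_type in FIELD_TYPES.items():
        value = fields.get(field)
        if value is not None and value.lower() in iocs.get(ioc_type, ()):
            hits.append((ioc_type, value.lower()))
    return hits


def sweep(lines, iocs=IOCS):
    """Map each affected host to its first/last seen time and the IOCs it touched."""
    affected = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, fields = parsed
        hits = match_iocs(fields, iocs)
        if not hits:
            continue
        entry = affected.setdefault(fields["src_host"], {"first_seen": ts, "last_seen": ts, "iocs": set()})
        entry["first_seen"] = min(entry["first_seen"], ts)
        entry["last_seen"] = max(entry["last_seen"], ts)
        entry["iocs"].update(hits)
    return affected


def extent(affected, min_hosts=2):
    """Extent of the attack: hosts per IOC, and IOCs shared by at least min_hosts hosts."""
    hosts_per_ioc = defaultdict(set)
    for host, entry in affected.items():
        for ioc in entry["iocs"]:
            hosts_per_ioc[ioc].add(host)
    widespread = {ioc: sorted(h) for ioc, h in hosts_per_ioc.items() if len(h) >= min_hosts}
    return {"affected_hosts": sorted(affected), "hosts_per_ioc": dict(hosts_per_ioc), "widespread": widespread}


if __name__ == "__main__":
    result = sweep(SAMPLE_LOGS)
    for host, entry in sorted(result.items()):
        print(host, entry["first_seen"].isoformat(), entry["last_seen"].isoformat(), sorted(entry["iocs"]))
    print(extent(result))
```

Matching is done per field rather than by grepping the whole line, so a benign line that merely mentions an indicator in an unrelated field does not become a hit, and the `first_seen`/`last_seen` window per host is what feeds the containment scope. In a real SOC the IOC set would be loaded from a threat-intelligence feed and the lines pulled from the SIEM, but the logic is the same.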



  • Threat Hunter

    4 weeks ago


    Mumbai, Maharashtra, India IBM Full time

    Introduction. Your Role and Responsibilities: Is a thought leader in security intelligence and operations. This Level 3 role is a Subject Matter Expert (SME) and is involved in running threat hunting expeditions in your environment. He/she will develop suitable documentation and provide guidance to the team performing event analysis & use-case...


  • Threat Hunter

    3 weeks ago


    Mumbai, India Network Intelligence Full time

    **Designation**: Threat Hunter - Security Operations Center (SOC) **Job Code**: HR1202 **Location**: Mumbai **Experience**: 2+ years - Log mining and identifying threats; malware analysis and reverse engineering. - Document the vulnerabilities and exploits used while analyzing malware. - Analyze, evaluate, and document malicious code behavior. - Identify...


  • Mumbai, India RARR Technologies Full time

    **Job Details - Threat Hunter, MITRE framework**: **Job ID**: RARR Job 3286 **Job Title**: Threat Hunter, MITRE framework **Job Type**: Permanent **Job Location**: Mumbai **Total Experience**: 5 - 8 Years **Skills**: Indicators of Compromise, IOC, TTPs, APT, Advanced Persistent Threat, Mitre Att **Posted**: 13/05/2023 **Job Description**: **Job...



  • Threat Hunter I

    2 weeks ago


    Mumbai, India Inspira Enterprise Full time

    **Job Name: Threat Hunter I **(Individual Contributor ) - **Location**: Mumbai or Remote Available ( India) & Experience Required: 5+ Years - This role offers you a unique opportunity to continuously stretch your technical skills by hands-on hunting for the latest threat actor techniques, whilst also owning strategic projects that see you working closely...


  • Threat Hunter

    4 weeks ago


    Mumbai, Maharashtra, India CoreIT Services Pvt. Ltd. Full time

    **1. Position Summary** 2. Core responsibilities a. Detect, investigate, and respond to security incidents in a timely and effective manner. b. Stay up-to-date with the latest threat intelligence feeds, trends, and emerging threats. Incorporate threat intelligence into the threat hunting process to enhance detection capabilities. c. Conduct “Hunt...


  • Threat Management

    1 week ago


    Mumbai, Maharashtra, India Riverforest Connections Private Limited Full time

    Job Description: Contribute to the design and execution of complex and unique hypothesis-based cyber threat hunts, including hypothesis drafting and final documentation and closure. § Perform research and analysis of attacker techniques and emulate those attacks in a controlled research environment. § Maintain current knowledge of attacker TTPs by actively...


  • Mumbai, Maharashtra, India IBM Full time

    Introduction. Your Role and Responsibilities: As a SIEM Analyst, you will be responsible for handling the daily monitoring of information security events on the SIEM tools. These Senior Specialists are QRadar SMEs who are responsible for event analysis & threat responses. They would also be performing investigation of events escalated from monitoring (Level-1...


  • SOC Analyst

    4 weeks ago


    Mumbai/Maharashtra, Maharashtra, India HARP Technologies and Services Full time

    Location: Mumbai. Exp: 3-5 years. SOC exp: 3+ years. Work Mode: WFO completely. Interview: All interview rounds will be done F2F only. Roles and Responsibilities: - Log validation: once a device is onboarded, verify logs and confirm whether the required logs are being received. - Ensure that, depending on the logs, all required use cases are configured. - Excellent knowledge and experience...



  • Navi Mumbai, Maharashtra, India IBM Full time

    Introduction. Your Role and Responsibilities: As a SIEM Analyst, you will be responsible for handling the daily monitoring of information security events on the SIEM tools. These Senior Specialists are QRadar SMEs who are responsible for event analysis & threat responses. They would also be performing investigation of events escalated from monitoring (Level-1...
