Threat Intelligence And Threat Hunting Tech Lead

Company Description METRO Global Solution Center MGSC is internal solution partner for METRO a EUR31 6 Billion international wholesaler with operations in 32 countries through 625 stores a team of 93 000 people globally METRO operates in a further 10 countries with its Food Service Distribution FSD business and it is thus active in a total of 34 countries MGSC location wise is present in Pune India Dusseldorf Germany and Szczecin Poland We provide IT Business operations support to 31 countries speak 24 languages and process over 18 000 transactions a day We are setting tomorrow s standards for customer focus digital solutions and sustainable business models For over 10 years we have been providing services and solutions from our two locations in Pune and Szczecin This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion We believe that we can add value drive efficiency and satisfy our customers The primary responsibility is to lead and manage the delivery team of Threat intel and hunting to ensure the efficient and effective monitoring and analyze potential threats develop strategies communicate findings to various stakeholders and mitigating cyber threats This includes continuously striving to enhance service quality and adherence to Service Level Agreements SLAs Strong communication analytical and critical thinking skills are essential for success Qualification Bachelor s degree in Computer Science Information Technology Cybersecurity or a related field A Master s degree or relevant certifications e g CISSP CISM SANS GIAC may be preferred 7-11 years of relevant professional experience in a large multi-national organization or in a known MSSP Responsibilities Develop and execute threat intelligence strategies focusing on identifying and mitigating cyber threats Lead activities to gather intelligence on threat actors including their tactics techniques and procedures TTPs Conduct in-depth analysis of the threat landscape focusing on industry-specific and emerging threats Use Various available Security controls and the telemetry data within to conduct proactive threat hunts using a hypothesis-based approach Analyse large datasets logs packet captures alerts to identify anomalies malicious activity and Indicators of Compromise IOCs Collaborate with SOC analysts incident responders and threat intelligence teams to improve detection rules and response strategies Additionally take the identified anomalies to a conclusion Define the metrics measurements and analytical tools to quantify surface area of risk business impact and implement mechanisms to track progress on efforts to reduce those risks Continuously improve hunting methodologies automation and use of threat hunting frameworks e g MITRE ATT CK Stay current on emerging threats vulnerabilities and cyber-attack techniques Create and present tailored threat intelligence and hunting reports along with mitigation strategies to internal stakeholders including executives and IT Team to take necessary actions Prepare monthly reports on threat hunts and able to showcase ROI of the overall threat hunting program Adapts quickly to changing priorities seeks new ideas and re-aligns team s priority roadmap to maximize business productivity Qualifications Technical Soft Skills In-depth knowledge of security operations center SOC operations Cyber incident response threat intelligence with extensive experience performing Threat hunting on IT Systems Network and Endpoints Proficiency in various SOC technologies and Threat Intel platform Experience with scripting Python PowerShell etc and automating threat detection or hunting tasks Proficiency with OSINT tools scripting and automation e g Python PowerShell and Darkweb Strong understanding of security frameworks e g MITRE ATT CK Cyber Kill Chain and current threat landscapes Knowledge about Advanced persistent threats and treat actors their TTPs Ability to recognize attack patterns and corelate them with specific threat actors Ability to proactively find cybersecurity threats and mitigate them Ability to obtain as much information on threat behaviour goals and methods as possible Knowledge of Analytics platforms for carrying out detailed analytics of obtained telemetry Strong understanding of Windows Linux and network protocols Excellent communication and interpersonal skills to effectively collaborate with clients stakeholders and internal teams Analytical and problem-solving skills to identify and address security issues and incidents Ability to adapt to changing security threats and evolving business requirements