Cyber Threat Investigator

1 day ago


Bengaluru, India Mashreq Full time

Description: Manage security event monitoring and incident response using SIEM platforms, with preference for Azure Sentinel and ArcSight. Analyze and respond to security events from diverse sources such as firewalls, IDS/IPS, antivirus solutions, DAM systems, web servers, proxies, and banking applications. Develop and maintain alert rules and logic within SIEM to ensure accurate detection of security events. Assist senior personnel in managing complex security incidents and improving incident response times.

Job Purpose:

Administration: Responsible for threat hunting by proactively identifying and mitigating advanced threats within the organization's network. This role involves working closely with the security operations team to enhance the organization's cybersecurity posture by proactively identifying and mitigating advanced threats.

Key Result Areas:
- Proactive Threat Hunting: Conduct proactive threat hunting activities to identify and isolate advanced threats that may bypass traditional security measures across network, endpoint, and cloud environments, searching for indicators of compromise (IOCs), advanced persistent threats (APTs), and other hidden adversary activity.
- Utilize advanced analytical techniques such as behavioral analysis, anomaly detection, and machine learning to identify emerging threats and patterns.
- Leverage threat intelligence (both internal and external) to correlate and enhance hunting activities and adapt to new attack tactics, techniques, and procedures (TTPs).
- Develop and apply hunting frameworks and methodologies to continuously improve detection capabilities. This includes leveraging frameworks like MITRE ATT&CK for understanding adversary tactics and behaviors.
- Data Analysis: Analyze large datasets, network traffic, and user behavior to detect anomalies and potential security breaches.
- Hypothesis Development: Develop and test hypotheses about potential malicious activities within the organization's environment.
- Incident Response: Collaborate with the incident response team to investigate and respond to identified threats.
- Threat Intelligence Integration: Utilize threat intelligence to inform and enhance threat hunting activities.
- Reporting and Documentation: Document findings, create detailed reports, and communicate results to stakeholders.
- Continuous Improvement: Stay updated with the latest threat landscapes, attack techniques, and security technologies to continuously improve threat hunting methodologies.

Key Principles:
- Alignment with Business Priorities: Provide strategic direction and oversight of the threat-hunting process, ensuring alignment with organizational goals and objectives.
- Ownership and Accountability: The threat hunting manager takes full responsibility for activities, holding self and team accountable for their outcomes.
- Driving Threat Hunting Maturity Enhancement: This role proactively drives initiatives that enhance incident response and a resilient cyber posture.
- Focus on Outputs and Impact: Focus on delivering outputs that create meaningful impact such as enhanced security culture and protection posture of the



  • Bengaluru, Karnataka, India ColorTokens Inc. Full time

    About ColorTokens: At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to...


  • Bengaluru, India Talentmatics Full time

    We are seeking a highly skilled and detail-oriented Cyber Investigations Specialist with 6–8 years of experience to join our cybersecurity team. In this role, you will lead in-depth investigations into cyber incidents, digital fraud, data breaches, insider threats, and other cybercrimes — ensuring swift resolution, integrity of evidence, and compliance...
