Cyber Threat Hunting Analyst

Senior Technical Analyst - Cyber Threat Hunting Analyst

Location: IN - Bangalore 24/7 | Job-ID: | Contract type: Standard | Business Unit: Others

Life on the team

Placed within our Security Operations function, our Cyber Threat Operations Team play an essential role in protecting Computacenter from the latest threats and threat actors. The Cyber Threat Operations Team work to ensure we have a forward-looking mentality to identify emerging threats and trends. Our team brings together a diverse set of specialist skills, including Threat Intelligence, Threat Hunting, Malware Analysis, Digital Forensics, Incident Response, and Threat Modelling. At our core, we are driven by a mission to "investigate, collate and locate": to unearth new threats, collate all available information about them, and then seek them out and respond appropriately. The aim of the Cyber Threat Operations Team is to ensure the wider security division is one step ahead of security threats by applying technical knowledge and understanding of global events to produce relevant, actionable intelligence. The Cyber Threat Operations Team understand how threats feed into business risks. We lead on collecting, evaluating, and analysing all sources of information to produce finished Threat Intelligence to help inform Computacenter and minimise the risk of harm.

We are now looking for an experienced Threat Hunt Analyst to join our team. In this role you will be responsible for the prioritisation, gathering and analysing malware samples associated to emerging threats, and then disseminating your findings to relevant teams for appropriate action.

What you'll do

• Support threat hunting team in day-to-day checklist(s), including log review, alert analysis, and investigation enrichment.
• Support the improvement and development of new threat hunt queries based on observed and measured cyber threat activity.
• Remain current on threats, exposures and mitigations (APT, Zero days, Methods & tactics) that could impact Computacenter; Deliver specialist investigation and analysis on cyber security incidents to support the Computacenter Cyber Security Incident Response Team (CSIRT)
• Maintenance of tooling to ensure the smooth running CTH services
• Create hypotheses, generate structured plan and conduct threat hunts for given threats.
• Create and maintain standard library of repeatable hunting queries to search for common attack techniques
• Generate reports on discovered threats
• Documentation of processes and services delivered by the team.

What you'll need

• Experienced in Information and Cyber Security, including a SOC.
• Experienced in common open and closed source intelligence tools and technologies.
• Experienced in adversary tactics and techniques frameworks such as Mitre ATT&CK and Killchain.
• Experienced in common SOC SIEM technology applications such as MS Sentinel.
• Experienced in KQL, with ability to formulate advanced queries.
• Experienced in investigating security breaches and security incident management.
• Knowledge of specialist security technologies including CIS Benchmarks, Tenable etc.
• Knowledge of specialist threat information sharing including STIX, TAXII, CiSP etc.
• Knowledge of network topologies and protocols. Knowledge of security risk management, incident response and crisis management.
• Communicates in a clear straightforward way (written and verbally)
• Ability to present complex technical details in a simple business context
• Excellent written and verbal English
• Takes responsibility for own actions and ability to perform in a structured manner and to strict deadline.

Current information for our applicants

Business as usual? Not quite. Of course, the Corona crisis also presents us with major challenges.

However, we are broadly positioned across various industries, plan for the long term and have always been flexible in our approach to our customers, especially in times of crisis. Our core business is digitisation. We believe that this topic will continue to grow in importance for many companies in both public and private sectors.

That's why there are still areas of our business with clear hiring requirements – and we would like to bring talent like you on board By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions.

We are still looking forward to getting to know you

About us

Computacenter is a leading independent provider of IT infrastructure services. We work at the heart of digitisation, advising organisations on IT strategy, implementing the most appropriate technology and managing our customers' infrastructures.

We offer a friendly, open working environment without too much fuss about hierarchy. We are looking for professionals with diverse competencies, personalities and strengths who want to live our shared value of teamwork and performance.

Interested in joining a company with a strong sense of community?
We're growing. We're hiring. We encourage. We empower. We support.
#CCfuturetalent