JobNob

Threat Intelligence/Threat Hunting


LTIMindtree


Location

Bangalore | India


Job description

Experience - 5 to 9 years
Location - Mumbai, Bangalore, Hyderabad, Pune, all LTIM locations

Evaluation Points - KPIs

TH Operation Excellence
- Threat Hunters search iteratively through networks to detect indicators of compromise (IoCs), hacker tactics, techniques, and procedures (TTPs), and threats such as Advanced Persistent Threats (APTs) that evade the existing security system.
- The Threat Hunter identifies insider threats or outside attackers and forms appropriate hypotheses to eradicate such incidents in HDFC.
- Proactively hunt for known adversaries by leveraging the MITRE framework.
- Search for hidden threats to prevent attacks from happening, using behavioral analysis to detect anomalies that indicate a threat.
- In case of a threat, hunters gather as much information as possible before executing the incident response plan to neutralize it. This information is then used to update the response plan and prevent similar attacks.

Compliance
- Submissions as per the defined timeline.
- Suggest the required process, policy and procedure to be put in place.
- Weekly, fortnightly and quarterly updates delivered on time.
- Collaborate with TI and RT for hypothesis creation and work towards reducing adversary dwell time by hunting.
- Make sure HMM 2 (Hunting Maturity Model level 2) is achieved.

JD 2

Mandatory Skills

1. Minimum 8+ years of experience in Threat Intelligence & Hunting
2. Experienced in discovering and gathering threat data from intelligence feeds
3. Prior experience of developing methodologies for threat data mining to uncover the threat actors and threat vectors
4. Experienced in maintaining, developing, and continuously evaluating cyber threat intelligence and data sources. Experienced in integrating Threat Intelligence platforms with various security solutions.
5. Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical) applicable to the customer.
6. Collect, analyse, investigate, store, and disseminate indicators of compromise (IOCs)
7. Regularly develop and produce written cyber, brand and threat intelligence reports
8. Provide support to the Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking them to intelligence
9. Draft, edit, and disseminate threat intelligence information/briefs to stakeholders, executive leadership, and others
10. Monitor security procedures and practices; recommend optimizations and improvements when gaps are identified
11. Collaborate with the Monitoring and Incident Response team and the Content Engineering team to build proactive detection logic for threat detection.
12. Assist the SOC Monitoring & IR team in providing intel briefings, threat analysis and resolution of major incidents.
13. Leverage gathered Threat Intelligence to execute Threat Hunting campaigns. The following types of Threat Hunting campaigns will be executed:
   o Threat Indicator driven threat hunting
   o Hypothesis driven threat hunting
   o MITRE ATT&CK framework driven hunting campaigns
14. Escalate true positives to Incident status and assist in the relevant incident response
15. Perform end-to-end threat hunting, developing, maturing and maintaining TTP or attack pattern detection techniques
16. Perform the full threat hunting cycle, including recommendations for EDR detection rules
17. Collaborate with the IR team to recommend and mitigate the effects caused by an incident.
18. Perform technical cyber security investigations on security incidents, root cause analysis and deep dive analysis of malicious artifacts; analyze threat intelligence; identify TTPs and attack patterns.
19. Help mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.
20. Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.

Educational Requirement: Bachelor's Degree in Computer Science or a related field preferred, or equivalent work experience.

