Principal Threat Hunter | On-site, Bangalore
Location
Bangalore | India
Job description
At Optiv, we're on a mission to help our clients make their businesses more secure. We're one of the fastest-growing companies in a truly essential industry.
In your role at Optiv, you'll be inspired by a team of the brightest business and technical minds in cybersecurity. We are passionate champions for our clients and know from experience that the best solutions for our clients' needs come from working hard together. As part of our team, your voice matters, and you will do important work that has an impact, on people, businesses, and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We're proud of our team and the important work we do to build confidence for a more connected world.
How you will make an impact:
- Proactively analyze, document and report on potential security incidents identified in Clientenvironments.
- Collaborate with internal and client partners to maintain an understanding of securitythreats, vulnerabilities, and exploits that could impact systems, networks, and assets.
- Is primary POC and coordinator for clients during security events that require urgent response, containment, and remediation.
- Lead, mentor and develop other threat hunters and analysts.
- Provide security gap analysis and effectiveness assessments of security platform technologies or lack thereof to include, but not limited to SIEM, SOAR, XDR, EDR, content development collaboration solutions, network security devices (e.g., firewall/IDS/IPS), web application security, asset management, vulnerability scanners, etc.
- Be informed of new security technologies and assess them for opportunities to improve client security programs or achieve client outcomes.
- Effectively apply OSINT and client data to demonstrate risk of adversary activity and develop recommendations to reduce risk to include mitigation techniques and data to inform detection content or client policies.
- Actively solicit and collaborate with senior & principal analysts for observations to inform threat hunt activities.
- Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach.
- Lead, mentor, and influence internal teams and client counterparts as the subject matter expert.
- Develop and maintain SOP and KBs that enable effective and efficient content development, analyst understanding and response, and client action items.
What we are looking for:
- Bachelor of Science or Master's Degree in Cyber Security or Computer Science, Computer/software engineering, program, or other focus area applicable to this industry combined with 8+years of experience in Incident Response, Blue Team, and/or Red Team technical operations.
- Or equivalent education and training that is documented with certifications, performance evaluations, course diplomas, or official memorandum.
- GCFA, GCIA, GREM, GCIH, CEH, OSCP, and other relevant information security certifications
- Leadership experience with developing people or operations AND with completing projects, tasks, and problem solving.
- Experience with 3 or more of the following areas: Incident response processes, Detection Engineering, Malware analysis, Network analysis, Threatintelligence reporting and analysis, Attack and Penetration Testing, Digital Forensics,or cyber threat emulation.
- Experience with Cyberthreatmethodologies, including the Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK Matrix, and Diamond Model, and applying them to enterprise Cyber operations.
- Strong understanding of cybersecurity topics and current threat adversary TTPs.
- Strong understanding of Windows and Linux internals.
- Combination of skillsets covering both offensive and defensive security practices.
- Proven scripting experience with Python/PowerShell/Bash/WMIC or other languages.
- Experience withthreathunting lifecycle and application of tools.
- Expert level knowledge of security tools to include but not limited to CrowdStrike, CarbonBlack, Tanium, Splunk, Anomali,Sentinel, Vectra,and other tools highly desired.
- Expert level knowledge of tool integrations to perform data correlation and automation.
- Possession of excellent oral and written communication skills, including making clear and concise presentations to various audiences with an executive presence.
If you are seeking a culture that supports growth, fosters success, and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government, and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations - Managed Services, and Identity and Data Management.
With Optiv you can expect
. A company committed to championing Diversity, Equality, and Inclusion through our Affinity groups including, Black Employee Network, Disabled Employee Network, Latino Employee Network, Optiv Pride (LGBTQIA+) , Veterans Support Network, and Women's Network.
. Work/life balance.
. Professional training resources
. Creative problem-solving and the ability to tackle unique, complex projects
. Volunteer Opportunities. 'Optiv Chips In' encourages employees to volunteer and engage with their teams and communities.
. The ability and technology necessary to productively work remote/from home (where applicable)
Job tags
Salary