NTT Data
Location
Noida | India
Job description
Req ID: 272823
NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a Security Analysis Specialist Advisor to join our team in Noida, Uttar Pradesh (IN-UP), India (IN).
Job Title
Cyber Security Operations Specialist Advisor
Role Overview
The Threat Hunter, Advanced Security Analytics is a member of a team that proactively manages IT security on behalf of customers to reduce the impact of security incidents and system compromises. The successful candidate will provide security monitoring, level 2 and 3 event analysis, and countermeasure proposals. This position requires shift work in a 9/5 environment during US business hours, and after-hours work may be required.
Role Responsibilities
- Leads the Cyber Threat Hunt function with SOC Analysts, Incident Responders and Threat Managers.
- Conduct threat hunting and analysis using various toolsets based on intelligence gathered
- Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in the network and in the host as necessary.
- Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)
- Create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate team
- Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture
- Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs
- Provides guidance to contracted subordinates within the latitude of established policies.
- Recommends changes to policies and establishes procedures that affect immediate organization(s).
- Methodically examine all collected Windows/Linux host data for evidence of intrusion, malware, or unauthorized activity.
- Directly provide incident response support for critical security incidents as they arise
- Familiarity with offensive strategies and assessment methodology
- Work with and assist the SIEM Admin team to create new use cases and provide them with all the required details.
Role Requirements
Role Preferences
Typical Years of Experience
Physical Requirements / Working Conditions