Job Description
As a CTI SME (Cyber Threat Intelligence) based in Noida, you will play a crucial role in operationalizing threat intelligence by collaborating with SOC engineers, security architects, and incident responders. Your responsibilities will include:

- Performing advanced threat hunting for APTs, zero-day exploits, and emerging attack campaigns.
- Monitoring and analyzing threat actor activity, TTPs (Tactics, Techniques, and Procedures), and Indicators of Compromise (IOCs).
- Leveraging open-source, commercial, and dark web threat feeds to identify emerging risks.
- Collecting raw intelligence data from internal logs, external feeds, social media, and underground sources.
- Filtering, correlating, and analyzing data to produce actionable intelligence.
- Documenting content logic, assumptions, and tuning parameters used in intelligence and detection models.
- Disseminating intelligence findings to SOC teams, CISOs, and executive stakeholders.
- Producing executive-level dashboards, threat briefings, and situational awareness reports.
- Advising stakeholders on risk mitigation strategies and alignment with compliance frameworks (NIST, RMF, etc.).
- Supporting audits and regulatory reporting through tailored intelligence briefs.
- Collaborating with SIEM and SOAR teams to automate threat detection and response workflows.
- Working closely with SOC analysts (L1-L3) and SIEM engineering teams to refine detection logic based on intelligence insights.
- Participating in governance and change management processes related to threat intelligence operations.

Qualifications Required:

Must-Have:
- 7+ years of experience in Cyber Threat Intelligence / SOC / Threat Hunting.
- Strong understanding of APT groups, threat actor methodologies, and IOC lifecycle.
- Hands-on experience mapping threats to MITRE ATT&CK.
- Proven ability to produce strategic, operational, and tactical intelligence.
- Strong analytical, documentation, and stakeholder communication skills.
- Experience working closely with SOC, SIEM, and SOAR platforms.

Preferred:
- Experience supporting executive leadership and CISO-level reporting.
- Exposure to dark web intelligence collection and analysis.
- Familiarity with compliance and regulatory frameworks (NIST, RMF).

In addition to the above, you will have the opportunity to work with the Google Threat Intelligence / Google Security ecosystem, threat intelligence platforms, external threat feeds, and SIEM & SOAR integrations, and to contribute to high-impact projects that influence enterprise security posture and risk decisions. This role offers close collaboration with SOC, IR, and security leadership teams in a fast-paced security environment with strong ownership and visibility.