Senior Cyber Security Threat Hunter :: Kolkata :: WFO

Title:  Senior Cyber Security Threat Hunter

Location: Kolkata(WFO)

Mode: Permanent with Nexucon

Job Summary

The Cybersecurity Threat Hunter will proactively search for indicators of compromise, malicious activities, and advanced persistent threats (APTs) across the healthcare environment. This role demands deep technical expertise in adversary tactics, techniques, and procedures (TTPs), strong analytical and investigative skills, and the ability to leverage threat intelligence to detect, analyze, and contain sophisticated cyber threats.

Key Responsibilities

• Conduct proactive threat hunting to identify malicious activity, undetected threats, and adversary behaviors across enterprise and healthcare systems.
• Develop and execute advanced hunting queries across SIEM, EDR, NDR, and log management platforms.
• Analyze endpoint activity, network traffic, and cloud workloads to detect anomalies and indicators of compromise (IoCs).
• Apply frameworks such as

  MITRE ATT&CK

   to map adversary behavior and enhance detection coverage.
• Collaborate with

  SOC

  ,

  Incident Response

  , and

  Threat Intelligence

   teams to validate findings, escalate incidents, and support remediation.
• Develop and test hunting hypotheses based on threat intelligence, emerging TTPs, and industry-specific risks.
• Document threat hunting methodologies, findings, and lessons learned for continuous improvement.
• Recommend enhancements to detection logic, automation playbooks, and monitoring capabilities.
• Participate in

  red, blue, and purple team

   exercises to improve detection and response maturity.
• Mentor and guide SOC analysts on advanced detection and threat hunting techniques.

Qualifications & Experience

• Education:

   Bachelors degree in Cybersecurity, Computer Science, Information Security, or equivalent professional experience.

• Experience:

   5+ years in cybersecurity operations, SOC, incident response, or dedicated threat hunting roles.
• Strong knowledge of adversary TTPs, malware behavior, lateral movement, and persistence mechanisms.
• Hands-on experience with SIEM tools (e.g.,

  Splunk, LogRhythm, Microsoft Sentinel, QRadar

  ) and EDR solutions (e.g.,

  CrowdStrike, Defender ATP, Carbon Black

  ).
• Proficiency in scripting and query languages such as

  Python, PowerShell, or SQL

  .
• Familiarity with frameworks like

  MITRE ATT&CK, Cyber Kill Chain, NIST CSF

  , and major threat intelligence sources.
• Strong analytical, investigative, and problem-solving skills with attention to detail.

Preferred Certifications

• GCFA

   – GIAC Certified Forensic Analyst

• GCIH

   – GIAC Certified Incident Handler

• GCDA

   – GIAC Cyber Defense Analyst

• CHFI

   – Computer Hacking Forensic Investigator

• Microsoft Certified: Threat Protection