Cloud Raptor is Hiring for MNP SPARK Bengaluru!
Work Location:
MNP is one of Canada's largest full-service chartered professional services firms, providing accounting, tax, consulting, risk advisory, management consulting, and financial advisory services.
• With offices across all provinces and a workforce of thousands, MNP serves clients in the public, private, and not-for-profit sectors across Canada.
• MNP emphasizes a culture of balanced lifestyle, competitive compensation and benefits, merit-based career growth, and values that support diversity, inclusion, community, and work-life balance.
Role & responsibilities
- Conduct highly complex security incident investigations and deep-dive security analysis across endpoints (memory, disk), network traffic, and cloud environments (Azure, Microsoft 365).
- Develop and execute proactive campaigns using advanced KQL queries, integrated threat intelligence, and behavioral analysis techniques within Microsoft Sentinel and Microsoft Defender XDR platforms.
- Research, design, and implement novel threat detection logic, complex Analytics Rules and custom threat intelligence integrations in Microsoft Sentinel.
- Architect, build, test, and maintain sophisticated playbooks using Azure Logic Apps to automate complex response actions and streamline SOC workflows.
- Serve as the ultimate escalation point for critical security incidents.
- Perform static and dynamic malware analysis, reverse engineering exploit techniques, and analyze adversary tactics, techniques, and procedures (TTPs).
- Actively drive the continuous improvement of the MXDR platform, including evaluating new tools, proposing architectural enhancements, refining processes, and enhancing detection capabilities based on threat landscape evolution and operational insight.
- Function as a trusted security advisor to MNP Digital clients, delivering expert recommendations on security posture improvements, vulnerability remediation, threat mitigation strategies, and post-incident recovery plans.
- Present complex technical findings, investigation results and strategic recommendations to diverse audiences.
- Mentor Tier 1 and Tier 2 Security Analysts through knowledge sharing, training and collaborative investigation.
- Work closely with SOC Security Architects on platform design, integration challenges, and strategic roadmap development.
- Maintain expert-level knowledge of the cybersecurity landscape, including emerging threats, attack vectors, defensive strategies, and Microsoft's security portfolio.
Preferred candidate profile
- 6+ years in advanced SOC roles, Incident Response, Threat Hunting, or Cyber Threat Intelligence, handling complex investigations and proactive defense.
- Expert-level mastery of Microsoft Sentinel: advanced KQL for complex hunting and analytics, custom detection rule engineering, SOAR playbook architecture and development (Azure Logic Apps), and threat intelligence platform integration and utilization.
- Expert-level understanding and extensive hands-on application of the full Microsoft Defender XDR suite (Endpoint, Identity, Office 365, Cloud Apps) for deep-dive investigations, proactive hunting, configuration, and advanced response actions.
- Strong practical experience with digital forensics methodologies and tools for endpoint (Windows, Linux, macOS), memory, and network forensic analysis.
- Experience with malware analysis techniques (static/dynamic) and reverse engineering concepts.
- Proven ability to develop and execute sophisticated, hypothesis-driven threat hunting campaigns yielding tangible results.
- Deep understanding of adversary TTPs, cyber kill chain methodologies, and expert-level application of frameworks like MITRE ATT&CK and D3FEND.
- Proficiency in scripting languages (e.g., Python, PowerShell) for security analysis, automation, tool development, and data manipulation.
- In-depth knowledge of Microsoft Azure security services (Defender for Cloud, Network Security Groups, Azure Firewall, Azure Policy) and Microsoft Entra ID security features (Identity Protection, Conditional Access, PIM).
- Familiarity with data protection concepts and tools, with exposure to Microsoft Purview being advantageous.
- Ability to present complex technical findings and recommendations to various stakeholders.
- Proven ability to identify and drive improvements in security tools, detection capabilities, and operational processes within a SOC or IR team.
- Exceptional skills in unraveling complex, multi-stage attacks.
- Superior written, verbal, and presentation skills for diverse audiences.
- Strong technical presence and mentoring capabilities.
- High initiative and ownership in tackling technical challenges.
- Focus on long-term threat detection improvement.
- Excellent communication skills, especially under high-pressure scenarios.
- Effective advisory, consulting, and relationship-building skills.
Educational Qualifications:
Bachelor of Technology/Engineering Or Bachelor/Masters in Computer Application
Certifications
- Highly Desirable: Possession of advanced, industry-recognized security certifications such as:
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Incident Handler (GCIH)
- Certified Information Systems Security Professional (CISSP)
- Offensive Security Certified Professional (OSCP) or similar penetration testing certifications.
- Required or Strongly Preferred: Relevant Microsoft expert-level or advanced certifications, demonstrating mastery of the core platform, such as:
- Microsoft Certified: Cybersecurity Architect Expert (SC-100) OR
- Microsoft Certified: Security Operations Analyst Associate (SC-200) combined with demonstrable expert-level skills and experience.
- Microsoft Certified: Azure Security Engineer Associate (AZ-500) is highly relevant and valued.