Jobs

Interviews
Job Alerts
Tools

Upskill and Grow with AI

Mock Interview Practice interviews in realistic simulations

Coding Practice Improve your coding skills with challenges

Certification Earn certifications to validate your skills

AI Learning Get trained with AI expert sessions

Career Path AI insights for smarter career decisions

AI Job Match Score AI-Powered Job Match Against Your Resume and Optimize Your Resume

Career Tools and Resources

Resume Builder Build Professional Resume with Ease

ATS Friendliness Check Check Resume Friendliness for Applicant Tracking Systems

Auto Apply Apply to hundreds of jobs on any platform effortlessly

Co-Pilot (Chrome Extension) Your AI Assistant for Seamless Browsing Efficiency

Interview Questions Streamline interviews with ready-to-use questions

Salaries Discover market-driven salary insights across skillsets and geographies

Companies Explore leading companies actively hiring talent
For Employers

Home
>
Jobs in bengaluru
>
Cisco
>
Threat Hunting Detection Engineer

Threat Hunting Detection Engineer

Cisco

5 - 6 years

7 - 12 Lacs

bengaluru

Posted:10 hours ago| Platform:

Apply

Skills Required

threat hunting kubernetes python cloud security data analytics ai dns siem sql docker incident response active directory gcp use cases compliance linux powershell splunk http cloud computing aws architecture azure

Work Mode

Work from Office

Job Type

Full Time

Job Description

Meet the Team

Cisco's Security Visibility and Incident Command (SVIC) forms part of the monitoring & response branch of Cisco's Security and Trust Organization (S&TO) and is Cisco's cyber investigations and forensics team
We provide Cisco with security threat detection, compliance monitoring, vulnerability discovery and response services to protect Cisco's digital landscape from attacks, abuse, reputational harm, and loss of its intellectual assets
The primary mission of SVIC is to help ensure system and data risk management by performing comprehensive investigations into cyber security incidents, and to assist in the prevention of such incidents by engaging in dedicated threat assessment, mitigation planning, incident trend analysis, and security architecture review
We are a highly-functioning, diverse, and globally distributed group of committed professionals from various technical backgrounds
We are Open-Source Software contributors, technical authors, tool builders, DFIR (Digital Forensics & Incident Response) community members, lock pickers, makers, and breakersYour ImpactSVIC is looking for an experienced security professional to join our Cyber Detection Engineering Team
This is an opportunity to contribute to a highly visible security operations function with global impact upon Cisco, its diversified business, business units, service ventures, partners, and customers
We are seeking a motivated and analytical security specialist who thrives on understanding attacker methodologies to build robust and proactive detection capabilities
Our engineers excel at designing, developing, and deploying security detections that identify threats across complex systems
You have a strong interest in complex problem solving, with an ability to challenge assumptions and consider alternative perspectives while mastering the craft of security detection
You are forward-thinking and act as a key contributor in strengthening Cisco's defensive posture, operating exceedingly well in a strong, tight-knit, collaborative team environment

Responsibilities

* Design, develop, and implement security detection rules, signatures, and use cases across various security platforms (SIEM, EDR, IDS/IPS, Cloud Native Security Tools)

* Translate threat intelligence and adversary tools, tactics & procedures (TTPs) into actionable detection logic

* Perform continuous tuning and optimization of existing detection rules to reduce false positives and improve detection efficacy

* Collaborate with Threat Hunters and Incident Responders to understand emerging threats and incident patterns, incorporating lessons learned into new detection strategies

* Engage with data source & business SMEs (subject matter experts) in SVIC and InfoSec to build & improve methods for detecting security incidents in cloud (IaaS, SaaS, PaaS) environments

* Research and deploy modern technologies or enhancements to support business objectives related to security detection, threat hunting, forensics, and response

* Study how attackers operate and their methods, and use your IT and networking expertise to build & improve detection logic and investigative procedures

* Collaborate with your peers to evolve our operational processes & procedures towards improving efficiency & efficacy

* Cultivate expertise in the technical subjects you are passionate about, to guide SVIC towards better ways in achieving our mission

* Teach, mentor and support your peers in areas you have specialized knowledge or experience

* Represent SVIC in collaboration with industry peers and in trusted working groups

* Participate in a follow-the-sun on-call rotation

Minimum Qualifications* Minimum of 5-6 years of hands-on experience in security detection engineering, incident handling, or a closely related cyber security role

* Self-Starter, Go-Getter & Self-Learner

* Superb communication (verbal and written) skills

* Reasonable scripting/coding abilities (e g , Python, PowerShell) and an eye for automation opportunities

* Networking Experience: A solid grasp of networking and core Internet protocols (e g TCP/IP, DNS, SMTP, HTTP, TLS and distributed networks)

* Security Technology Experience: Extensive experience with security detection platforms such as SIEM (e g , Splunk, Elastic, Sentinel), EDR (e g , Cisco Secure Endpoint, CrowdStrike, SentinelOne), IDS/IPS, and Cloud Security Posture Management (CSPM) tools

* Cloud Experience: Experience or familiarity with the usage of cloud computing platforms & components, like - AWS, GCP, Azure, Docker, Kubernetes, etc , specifically in the context of cloud native detection

* Dev-Sec-Ops Experience: Experience or familiarity with integrating security into CI/CD pipelines and automating security controls

* IT Infrastructure Experience: Extensive knowledge of IT infrastructure services, Operating systems (Windows, Linux), and networking

* Identity Management Experience: Experience or familiarity with protocols & products used for authentication & authorization, like - Radius, Active Directory, LDAP, NTLM, Kerberos, SAML, OAuth, JWT, etc , and detecting abuse

* Experience in developing and deploying detection rules using formats like YARA, Sigma, or custom SIEM queries

* Experience in one or more data analytics platforms or languages like - Splunk, Elastic Stack, Kusto Query Language (KQL), Structured Query Language (SQL), etc , for log analysis and rule creation

Preferred Qualifications* Agility in managing multiple detection projects concurrently and a curiosity to learn about new threats and technologies

* Proven track record of designing and implementing effective security detections

* Flexibility - willingness to pitch in where needed across program and team, and outside typical business hours

* Ability to work shift hours as well as on-call out of hours

* Leadership, influence, and collaboration skills; sound problem resolution, judgment, negotiating and decision-making skills

More Jobs at Cisco

Commercial Solutions Engineer - Cyber Security , Networking

Mumbai

10 - 15 yrs

INR 10 - 11 Lacs

Business Development Manager

Bengaluru

5 - 10 yrs

INR 8 - 13 Lacs

Electrical Product Engineer

Bengaluru

4 - 9 yrs

INR 15 - 17 Lacs

Test Automation Engineer

Bengaluru

1 - 3 yrs

INR 8 - 9 Lacs

ASIC Engineer | 5+ years | (Floor planning , Place and route , Formal verification , Timing closure , Perl / Python / Scripting )

Ahmedabad, Gujarat, India

Experience: Not specified

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start Python Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Enhance Your Python Skills

Practice Python coding challenges to boost your skills

Start Practicing Python Now

Cisco

Software Development

San Jose CA

Login to

Please Verify Your Phone or Email

Confirm Action

Threat Hunting Detection Engineer