433 Threat Hunting Jobs

Level - L3 Reports to: SOC Lead Position Summary: The Senior SOC Specialist will be the subject matter expert (SME) and support the Security Operations Centre (SOC) operations. The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical for ensuring rapid detection, response and mitigation of security incidents. Key Responsibilities: Manage advanced threat detection, incident triage, investigation and response activities. Serve as a subject matter expert (SME) for SOC tools and processes. Perform in-depth analysis of complex security events and indicators of compromise (IOCs). Develop and maintain pl...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level -L3 - Build baseline behavioural profiles for users, hosts, IPs, and applications. - Detect anomalies such as lateral movement, beaconing, data exfiltration, and unauthorized access (e.g., VPN/RDP logins, illegal website access) - Prioritize threats based on asset sensitivity and potential blast radius Model Development & Tuning aligned with MITRE ATT&CK to detect: - Insider threats and compromised accounts. - Zero-day and advanced persistent threats (APTs). - Emerging global threat patterns - Enriching incidents with UEBA context for faster triage. - Enabling threat hunting using UEBA signals. - Collaborating with SOAR teams to automate response workflows - Daily threat hunting report...

Level -L3 - Build baseline behavioural profiles for users, hosts, IPs, and applications. - Detect anomalies such as lateral movement, beaconing, data exfiltration, and unauthorized access (e.g., VPN/RDP logins, illegal website access) - Prioritize threats based on asset sensitivity and potential blast radius Model Development & Tuning aligned with MITRE ATT&CK to detect: - Insider threats and compromised accounts. - Zero-day and advanced persistent threats (APTs). - Emerging global threat patterns - Enriching incidents with UEBA context for faster triage. - Enabling threat hunting using UEBA signals. - Collaborating with SOAR teams to automate response workflows - Daily threat hunting report...

Level -L3 - Build baseline behavioural profiles for users, hosts, IPs, and applications. - Detect anomalies such as lateral movement, beaconing, data exfiltration, and unauthorized access (e.g., VPN/RDP logins, illegal website access) - Prioritize threats based on asset sensitivity and potential blast radius Model Development & Tuning aligned with MITRE ATT&CK to detect: - Insider threats and compromised accounts. - Zero-day and advanced persistent threats (APTs). - Emerging global threat patterns - Enriching incidents with UEBA context for faster triage. - Enabling threat hunting using UEBA signals. - Collaborating with SOAR teams to automate response workflows - Daily threat hunting report...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Role Overview: At OpenText, AI is a core aspect of our operations, driving innovation and transforming work processes to empower digital knowledge workers. As part of our team, you will play a crucial role in shaping the future of information management by leveraging your expertise. Key Responsibilities: - Perform monitoring, identification, investigation, documentation, resolution, and reporting of security alerts by prioritizing events based on risk/exposure. - Analyze Endpoint Detection and Response (EDR), Network, Cloud, and other traffic and log data to identify potential threats or vulnerabilities. - Generate tickets and incident reports for external clients and Tier 3 analysts. - Reme...

Role Overview: As a SOC Analyst at Capgemini, you will play a crucial role in analyzing and responding to security incidents. Your responsibilities will include incident response, threat detection, stakeholder support, threat hunting, and leveraging cyber intelligence to enhance security measures. You will have the opportunity to work on cutting-edge projects in technology and engineering while contributing to a more sustainable and inclusive world. Key Responsibilities: - Analyze and document security incidents, escalate when necessary, and facilitate handover to L3 teams. - Conduct research and data analysis to identify threats and coordinate remediation efforts. - Assist IT teams and end ...

Cloud Security Engineer II Zscaler + Cloud(Any) Shift: Rotational, 24*7 Location : Delhi NCR(Noida And Gurugram) t Experience with Zscaler is a must. Ability to work independently in implementing and handling Zscaler Insight at a Glance 14,000+ engaged teammates globally with operations in 25 countries across the globe. Received 35+ industry and partner awards in the past year $9.2 billion in revenue #20on Fortunes World'sBest Workplaces™ list #14 on Forbes World's Best Employers in IT – 2023 #23 on Forbes Best Employers for Women in IT- 2023 $1.4M+ total charitable contributions in 2023 by Insight globally About the role As a Cloud Security Engineer II, you will be providing Security L1/L2/...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled WAF and Firewall Security Expert to manage Web Application Firewalls (WAF) and network perimeter security. The ideal candidate will have in-depth knowledge of Akamai, Cloudflare...

About The Role Project Role : Security Architect Project Role Description : Define the security architecture, ensuring that it meets the business requirements and performance goals. Must have skills : Operational Technology (OT) Security Good to have skills : Network Security ImplementationMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Senior IT/ OT Endpoint Security engineer, you will be focused to lead the design, implementation, and management of endpoint security controls across enterprise environments. You will play a crucial role in protecting critical assets such as Server Work stations, and ICS equipments. Roles & Re...

We are seeking a seasoned and visionary SOC Manager to lead and evolve our 24x7 Security Operations Center. This role demands a strategic thinker with deep technical expertise, operational excellence, and leadership capabilities to drive threat detection, incident response, adversarial exposure validation and continuous improvement across our cybersecurity landscape. 1. Lead and manage the 24x7 SOC operations team, including SOC analysts, incident responders, and threat hunters. 2. Develop and maintain SOC procedures, playbooks, and workflows that include cloud- native threats and attack vectors. 3. Oversee incident detection, triage, analysis, escalation, and response processes. 4. Drive us...

Key Responsibilities - Security Architecture & Implementation Design and implement security solutions aligned with ManpowerGroups standards for Azure cloud environments. Manage Azure Policy, Secure Score, and ensure compliance with defined security benchmarks. Administer Active Directory Group Policies, Azure AD, MFA/PIM, and RBAC configurations. Threat Protection & Monitoring Utilize Microsoft Defender for Cloud, Defender for Endpoint, and Defender for Identity for threat detection and response. Perform continuous monitoring and log analysis using Azure Monitor, Log Analytics, and Kusto Query Language (KQL). Conduct vulnerability assessments and implement mitigation strategies using Azure S...

Role & responsibilities The Cyberwatcher is responsible for: Maintain expert knowledge of Advanced Persistent Threat (APT) Tools, Techniques and Procedures(TTPs), forensics and incident response best practices. Use threat intelligence and threat models to build threat scenarios. Prepare and conduct threat-hunting campaigns to check threat scenarios. Research, analyze and correlate a wide range of data sets from any source. Proactive and iterative research into systems and networks to detect advanced threats. Reporting risk analysis and threat findings to the relevant stakeholders. Identify and provide automated alerts for emerging and historically unknown threats. Co-operate with multiple te...

About The Role Project Role : Security Architect Project Role Description : Define the security architecture, ensuring that it meets the business requirements and performance goals. Must have skills : Operational Technology (OT) Security Good to have skills : Network Security Implementation Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Senior IT/ OT Endpoint Security engineer, you will be focused to lead the design, implementation, and management of endpoint security controls across enterprise environments. You will play a crucial role in protecting critical assets such as Server Work stations, and ICS equipments. Roles & R...

As an L3 SOC Analyst at CyberProof, a UST Company, you will play a crucial role in monitoring, investigating, and resolving security incidents, violations, and suspicious activities. Your primary responsibilities will include: - Acting as an escalation point for high and critical severity security incidents and conducting thorough investigations to determine potential impact and understand the extent of compromise. - Analyzing attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attacks and attack life cycle. - Providing recommendations on issue resolution activities such as security controls policy configuration changes and security hygiene improvement. - Hunting ...

As a Threat Researcher at TechOwl in Surat, your role will involve diving deep into the world of cybersecurity to uncover hidden threats. Your responsibilities will include: - Researching and analyzing new cyber threats, malware, and attack patterns - Monitoring and investigating dark web forums, marketplaces, and threat actor chatter - Developing detailed threat intelligence reports and detection rules - Collaborating with security teams to deliver actionable insights - Staying ahead of emerging attacker techniques and underground trends To excel in this role, we are looking for someone with the following qualifications: - Hands-on experience in Threat Research, Malware Analysis, or Threat ...