669 Threat Hunting Jobs - Page 16

Responsibilities Work in a 24x7 Security Operation Centre (SOC) environment. Provide analysis and trending of security log data from various security devices. Coordinate incident response on a daily basis. Perform threat analysis to improve detection capabilities. Conduct forensic investigations and develop recovery plans. Develop and implement advanced defensive strategies and countermeasures. Engage in threat hunting to identify potential threats that may have bypassed defenses. Communicate effectively through written and visual documents for diverse audiences. Requirements Minimum of 6+ years of experience in Cybersecurity. At least 6 years of working in a Security Operations Center (SOC)...

Role & responsibilities Idea candidate should have: The ideal candidate is a highly skilled and proactive Threat Hunter with a strong background in hypothesis-driven hunting, adversary TTP analysis, and cross-functional collaboration. They should have a minimum of 8 years Cyber Security Domain Experience preferably in Red or Blue team and 35 years of hands-on experience in Threat Hunting, with a deep understanding of the MITRE ATT&CK framework and a proven ability to detect and investigate advanced threats beyond signature-based solutions. Adept at leveraging Google SecOps, CrowdStrike EDR, Palo Alto, Splunk for data analysis and they bring strong scripting capabilities (e.g., Python, PowerS...

Design and build a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to form hypotheses and validate them through structured hunts. Leverage existing tools/technologies to automate hunts, visualise results, and create reusable artifacts for future investigations and detections. Collaborate with detection engineering to convert threat hunt findings into high fidelity detection content. Document and maintain a robust repository for hunting methodologies, tooling, and findings to enable continuous improvement and team scaling. Provide regular reports and presentations to stakeholders, with clear...

Monitor,analyze security events,alerts across various platforms. Investigate potential security incidents,escalate as appropriate,following defined incident response processes. Correlate events from multiple sources to identify patterns or anomalies Required Candidate profile Lead,participate in threat hunting activities to proactively identify potential threats vulnerabilities Serve as the administrator for SOC tools including SIEM, EDR, SOAR,threat intelligence platforms Perks and benefits To be disclosed post interview

Company Overview Incedo is a US-based consulting, data science and technology services firm with over 3000 people helping clients from our six offices across US, Mexico and India. We help our clients achieve competitive advantage through end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering, data science, and design capabilities coupled with deep domain understanding. We combine services and products to maximize business impact for our clients in telecom, Banking, Wealth Management, product engineering and life science & healthcare industries. Working at Incedo will provide you an opportunity to work with industry leading client organizations, deep te...

Strong understanding of enterprise risk management and third-party/vendor risk management.Project management skills to track GRC initiatives, audits, and remediation efforts. Required Candidate profile Lead compliance activities with SEBI, NCIPC, CERT-IN, and other applicable Indian regulatory bodies; ensure alignment with global standards like ISO 27001, SOC 2, and NIST Cybersecurity Framework.

Your Role Configure and customize FortiSOAR to automate and orchestrate security workflows across enterprise environments. Develop and maintain automation playbooks using Python and scripting languages aligned with security use cases. Integrate various security tools and platforms using APIs, Ansible, and custom scripts to enhance SOC capabilities. Monitor, analyze, and troubleshoot automated security processes to proactively address threats and improve response times. Collaborate with IT and security teams to align FortiSOAR configurations with organizational goals and compliance needs. Your Profile 9 to 12 years of experience in security automation and orchestration using FortiSOAR. Experi...

Job Description: We are seeking a highly skilled information security professional responsible for identifying, isolating, and resolving advanced threats in the organization’s network and actively search for vulnerabilities and mitigate cybersecurity risks that affect the organization. Key Responsibilities: 1)Monitor the security patterns to identify, isolate, and detect the threats before attackers tend to exploit them 2)Search for security gaps by performing risk assessment, penetration testing, and identifying internal risks 3)Responsible for analysing and detecting cyber threats that affect business operations using threat intelligence and monitor the Indicators of Compromise (IOC) and r...

Monitoring & Analysis: Continuously monitor security tools (XDR, WAF, DLP, etc.) and analyse alerts to identify potential threats.Threat Hunting: Conduct proactive threat hunting activities to identify and mitigate risks before they escalate. Required Candidate profile Configuration & Optimization: Configure, fine-tune, and optimize security technologies to enhance detection and prevention capabilities.Candidate must work 24x7 in shift duties.

We are looking for an experienced Threat Hunting Analyst to join our Cybersecurity team. The ideal candidate will proactively hunt for cyber threats, analyze datasets, work closely with our SOC to detect, investigate, respond to security incidents. Required Candidate profile Conduct hypothesis-driven hunts using MITRE ATT&CK framework Execute threat simulation exercises to validate existing security controls Expert inThreat Hunting, Incident Response,Security Monitoring Perks and benefits To be disclosed post interviews

Entain India is the engineering and delivery powerhouse for Entain, one of the world's leading global sports and gaming groups. Established in Hyderabad in 2001, we have grown from a small tech hub into a dynamic force, delivering cutting-edge software solutions and support services that power billions of transactions for millions of users worldwide. Our focus on quality at scale drives us to create innovative technology that supports Entain's mission to lead the change in the global sports and gaming sector. At Entain India, we make the impossible possible, together. This role at Entain India involves working closely with teams across the group to identify and handle security incidents, ens...

As a member of the team at Atos, you will be responsible for triaging, investigating, and analyzing security alerts that are escalated from L1 analysts. Your role will involve performing in-depth analysis of logs, alerts, and network traffic using various SIEM tools such as Splunk, QRadar, and ArcSight. Additionally, you will be expected to conduct root cause analysis of security incidents and provide recommendations for containment and remediation actions. It will be your responsibility to respond to medium and high-severity incidents and escalate critical incidents to L3 or IR teams when necessary. Furthermore, you will play a key role in threat hunting by utilizing IOCs, anomaly detection...

Tradeweb Markets is a global leader in electronic trading, catering to approximately 2,500 clients worldwide, spanning various sectors such as banks, asset managers, hedge funds, insurance companies, wealth managers, and retail clients across 65 countries. Since its inception in 1998, Tradeweb has been instrumental in revolutionizing and digitizing the fixed income markets. The company prides itself on a culture centered around innovation, creativity, and collaboration, leveraging the expertise of talented individuals, cutting-edge technology, and a wide network of clients to enhance financial market trading practices. As part of Tradeweb's Security Operations team, you will play a crucial r...

As a Transition Specialist for the Threat Intelligence Platform & Advisory role, your primary responsibility will be to lead the transition processes associated with the Threat Intelligence Platform. Your aim should be to ensure minimal disruption to ongoing operations during this transitional phase. Additionally, you will be expected to provide expert advisory services on threat intelligence strategies and best practices to both internal and external stakeholders. Your role will also involve overseeing the integration of new threat intelligence tools and technologies into the existing infrastructure. Furthermore, you will be required to develop and deliver training programs for team members...

As a SOC Lead, you will be responsible for incident detection and response, utilizing tools such as Azure Sentinel SIEM, Splunk, and Microsoft Defender for Endpoint. Your primary tasks will involve investigating high-priority security incidents, determining root causes, and guiding the team in remediation efforts. Furthermore, you will be tasked with creating and refining custom detection rules in Azure Sentinel, monitoring alerts from Microsoft Defender for Endpoint to identify security threats, and documenting security incidents including timelines and outcomes. Your role will also involve collaborating with other SOC team members, IT teams, and external vendors to resolve incidents and pr...

As a SOC L2 Analyst with 3 to 6 years of experience, you will be a key player in the Security Operations Center, responsible for managing intricate security incidents, conducting thorough investigations, and guiding L1 analysts. Your role will involve harnessing advanced security tools and technologies to identify, analyze, and address sophisticated cyber threats. Your primary responsibilities will include delving into escalated security incidents, conducting detailed analysis and correlation of security events, and devising strategies to mitigate and resolve incidents effectively. Additionally, you will engage in proactive threat hunting activities, utilizing tools such as Splunk, CrowdStri...

The Cyberwatcher role involves maintaining expert knowledge of Advanced Persistent Threat (APT) Tools, Techniques, and Procedures (TTPs), as well as forensics and incident response best practices. You will be expected to use threat intelligence and threat models to create threat scenarios, conduct threat-hunting campaigns, and analyze various data sets from diverse sources. Proactive research on systems and networks to identify advanced threats is a crucial aspect of this role. Reporting risk analysis and threat findings to stakeholders, providing automated alerts for emerging threats, and collaborating with different teams to enhance security checks and detection performance are also part o...

Eventus Security is a prominent cybersecurity solutions provider specializing in threat detection, incident response, and managed security services. The organization aims to assist clients in proactively securing their digital assets through cutting-edge technologies and expert-driven services. By prioritizing innovation and trust, Eventus Security empowers businesses to remain resilient in the constantly evolving cyber threat landscape. The ideal candidate for the position of Security Lead (L3) SOC at Eventus Security should possess 5-10 years of relevant experience. The job locations for this role are Navi Mumbai and Ahmedabad. Key Responsibility Areas: Security Incident Leadership: - Take...

As a Senior Specialist in Cyber Security Operations at AB InBev GCC, you will have the exciting opportunity to be a part of a growing team of top professionals dedicated to protecting AB InBev from sophisticated threats. Your role will involve working as a Cyber threat hunter, investigating security alerts, and responding to incidents within defined timelines. You will collaborate with incident responders in a 24x7 shift model and utilize your deep knowledge of security tools and platforms to monitor threats and new attack techniques. Key tasks and accountabilities include monitoring, responding, and processing security alerts triggered from various SOC tools deployed across on-premises and ...

The ideal candidate for this position will succeed if they possess both knowledge and technical depth about the company and the industry. This is crucial as they are expected to play a central role in the decision-making process, collaborating with various individuals from different teams as needed. Additionally, they will be responsible for supervising specific personnel. Responsibilities - Manage and mentor a team of SOC analysts (Tier 1-3) across multiple shifts - Oversee threat hunting, incident response, and security monitoring operations - Develop and refine SOC procedures, playbooks, and escalation processes Qualifications - Bachelor's degree or equivalent experience - Proficiency in ...

Work with MCX to enhance your career growth and excel in the field of Information Security. MCX values its employees" domain expertise and commitment, which have been pivotal in the company's success. If you are an ambitious and result-oriented professional, MCX offers exciting career opportunities for you to realize your potential in the cybersecurity domain. As a Manager - Information Security at MCX based in Mumbai, you will play a crucial role in ensuring the optimal performance of security technologies through operational oversight. With a Bachelor's degree in Cybersecurity, Information Technology, or related fields, along with 8-10 years of experience in cybersecurity (including 3+ yea...

As a Consultant working in a hybrid work mode with a shift from 1 PM to 10 PM, you will be responsible for various Cyber Security auditing tasks in locations like Bangalore, Pune, Noida, and Gurgaon. Your duties will involve understanding engagement objectives, preparing audit plans, and testing procedures to meet review objectives. You will gather detailed insights into IT and business processes, systems, and controls, and lead risk assessments and evaluations. Additionally, you will identify opportunities to leverage data analytics, track project status, and ensure high-quality work paper documentation according to client standards. You will drive discussions on audit findings with the tea...

We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities: Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and in...

Join us as a Senior Cyber Operations Analyst Cyber Threat Hunting at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards You'll spearhead the evolution of our digital landscape, driving innovation and excellence You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences, To be successful as a Senior Cyber Operations Analyst Cyber Threat Hunting you should have experience with: Strong analytic skills, Strong experience in cyber security, especially in threat hunting or incident response, Good knowledge of security toolsets, Prior expe...

Good experience in SIEM tools, event logging and event analysis and experience in forensic analysis, Packet Analysis tools like Wireshark, TCP Dump etc. SIRT/SIEM/Threat Hunting Background/intel, netwitness, splunk, qRadar, RSA Netwitness, Linux/python understanding/Ethical hiking/programming background added advantage. Good knowledge in enterprise security products like SIEM tools, SOC, Security Incident Management, Threat Intel, Malware analysis, Firewalls, IPS, Web/content Filtering tools, AV, APT Tools, Wireshark, TCP Dump, Encase/Any other Forensic tool kit Very good understanding of security fundamentals and principles, attack techniques, Mitre, TTP, hacking tools etc Having experience...