446 Threat Hunting Jobs - Page 18

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a seasoned cybersecurity expert with deep hands-on expertise in Microsoft Sentinel to build, optimize, and automate enterprise-wide detection and response strategies. The rol...

Role: SOC Analyst - L3 Job Type: Full Time, Permanent Location: Pune (Onsite) Experience Required: 5+ years of experience in network and IT security field, managing SOC systems and operations (defining strategy around security monitoring, incident management, regulatory compliance, process improvement etc.) Qualification: Certifications in Cyber security/Information Security/Networking, Degree in Computer Science / Applications. CTC: 16 LPA to 20 LPA Primary Abilities SIEM SOAR UEBA NBAD/NDR Endpoint Security Threat Hunting Threat Analysis Team Leading Client Interaction Responsibilities: Lead and mentor junior SOC analysts Conduct in-depth investigations into complex security incidents Iden...

Bachelors in Business, Management, Computer Science, or equivalent work experience. 5–10 years in global, matrix-managed organizations; 3+ years in Cybersecurity Operations. Hands-on experience in Incident Response, Forensics, and Threat/Vulnerability Management. Strong knowledge of detection tools (IDS/IPS, EDR, Anti-virus), OS (Windows/Linux), and protocols. Familiarity with tools like Splunk, Phantom, Python, CrowdStrike, Tanium, Defender, Azure, AWS. Proficient in InfoSec domains: Risk Management, Network Security, Governance, and Forensics. Skilled in cloud security, vulnerability remediation, scripting (Python/RegEx), and frameworks (MITRE). Experience in security monitoring, data corr...

About the Role: We are looking for an experienced security professional to join our Security Operations Center (SOC) team. This role focuses on designing, refining, and implementing advanced threat detection use cases and response strategies aligned with the MITRE ATT&CK and Cyber Kill Chain frameworks. You will collaborate with Threat Intelligence, Incident Response, and Forensics teams to strengthen defense capabilities and proactively mitigate cyber threats. Key Responsibilities: Develop and implement custom security detection use cases and response strategies. Leverage MITRE ATT&CK and Cyber Kill Chain to identify, analyze, and prevent cyber threats. Participate in red teaming and penetr...

Role Overview: We are seeking a highly motivated and analytical individual to join our global Cyber Threat Intelligence team as a Cyber Threat Intelligence Sr. Analyst. As a part of our Advisory & Assessment team, you will contribute to the identification and mitigation of emerging threats, enabling our clients to proactively defend against cyberattacks. Responsibilities: Evaluation of Created Searches: - Assess the effectiveness of the created searches in detecting relevant Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs). - Analyze the frequency of false positives and false negatives to refine search criteria and minimize errors. Reviewing Reports: - Examine t...

Job Description : • Proactively hunt for advanced threats within the network and systems using various tools and techniques • Use both Attack Based Hunting and Data Based Hunting to identify and analyze potential threats • Stay up to date with the emerging threats and the tactics, techniques, and procedures (TTPs) used by threat actors • Use various data transformation techniques to facilitate effective hunting • Dissect and simulate attacks that would help in conceptualizing and executing the hunts • Contribute to the hunting knowledge management i.e., document details about the hunting expeditions, common behaviors, explained anomalies, friendly intelligence, etc. • Collaborate within/outs...

We are seeking dynamic candidate for the role of Security Engineer, proficient in Triage and respond to security incidents and alert,knowledge in cybersecurity principles,threat detection and incident response.Comfortable with 2:30 PM-11:30 PM(SHIFT) Required Candidate profile Security certifications such as CISSP, CISM, CEH. Previous experience in security automation, scripting and working in a SOC or security operations environment and cloud security best practices.

Role: The Security Operations (SOC) - Engineer is responsible for monitoring the environment, identifying, reporting, and responding to security threats that put the organization at risk. The primary function of this position is to monitor the security tools and perform alert management and initial incident qualification. Job Description Acknowledge, analyze, and validate incidents triggered from multiple security tools like IDS/IPS, Web Application Firewall, Firewalls, Endpoint Detection & Response tools, and events through SIEM solution Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc. Collection...

What You'll Do The SOC Analyst will play a key role in detecting, investigating, and responding to cyber threats across Avalara's products, services, and enterprise infrastructure. You'll work with top-tier tools and teams to monitor and analyze security incidents, support threat hunting, and drive investigations to resolution. This role is vital to incident response efforts and must remain active even during crisis events. You will report to Sr. Manager, Threat Detection and Response. This is a remote position. What Your Responsibilities Will Be Responsible for working in a 24x7 Security Operations Center (SOC) environment. This position is A-Shift (India Night) and is a member of an on-cal...

Role & responsibilities The Cyberwatcher is responsible for: Maintain expert knowledge of Advanced Persistent Threat (APT) Tools, Techniques and Procedures(TTPs), forensics and incident response best practices. Use threat intelligence and threat models to build threat scenarios. Prepare and conduct threat-hunting campaigns to check threat scenarios. Research, analyze and correlate a wide range of data sets from any source. Proactive and iterative research into systems and networks to detect advanced threats. Reporting risk analysis and threat findings to the relevant stakeholders. Identify and provide automated alerts for emerging and historically unknown threats. Co-operate with multiple te...

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to imp...

* Lead Incident Response (IR): * Act as the Subject matter expert for security incidents. * Analyze and respond to security breaches, perform root cause analysis, and coordinate remediation efforts. * Provide leadership during incident investigations, ensuring rapid and thorough handling. * SOC Automation & Integration: * Leverage Python scripting and Palo Alto XSOAR to automate security processes, streamline incident response, and enhance detection capabilities. * Design, implement, and maintain playbooks within XSOAR to address emerging security threats. * Threat Hunting & Monitoring: * Proactively perform threat hunting activities to detect advanced threats that may bypass existing securi...

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scriptin...

A UEBA (User and Entity Behavior Analytics) Administrator is a cybersecurity professional responsible for deploying, configuring, maintaining, and optimizing UEBA solutions to detect and respond to anomalous user and entity behavior within an organization's network. This role is crucial in identifying insider threats, compromised accounts, and sophisticated attacks that might bypass traditional security measures. Key ResponsibilitiesThe UEBA Administrator's responsibilities:*Deployment and Configuration:*Installing and setting up UEBA platforms and related components. *Integrating UEBA solutions with various data sources (e.g., SIEM, Active Directory, network devices, applications, cloud ser...

We are looking for a skilled SOC L2 expert to join our team Perform advanced analysis of security events escalated from L1 analysts, using SIEM and other security tools. Investigate and triage security alerts, incidents, and threats (malware, phishing, insider threats, data exfiltration, etc.). Conduct threat hunting to proactively identify and mitigate risks. Analyze logs from firewalls, IDS/IPS, endpoint protection, and network devices for anomalies. Escalate critical incidents to L3 or Incident Response (IR) teams as needed. Guide and mentor L1 analysts in effective triage and escalation practices. Maintain and update SOC runbooks, playbooks, and knowledge base . Collaborate with other te...

Train and manage the team of consultants to perform application penetration testing, vulnerability assessments for thick client – base application, source code reviews, and configuration reviews. Required Candidate profile Strong understanding of OWASP top 10 and SANS top 25 programming errors. Threat Hunting, attack identification, investigation, correlation and suggesting mitigation measures, Vulnerability Assessment.

The Cyber Forensic Specialist will operate in malware analysis or reverse engineering post-incident sandbox Required Candidate profile Essential Certifications(any one of the following) GIAC Certified Forensic Examiner(GCFE) Certified Computer Examiner(CCE) GIAC Certified Forensic Analyst(GCFA) Computer Hacking Forensic Investigation

About the Role: We are seeking a highly skilled Detection Engineering Specialist to lead the migration and optimization of our detection logic and alerting infrastructure to a new SIEM platform. This role is critical to ensuring the integrity, performance, and effectiveness of our security monitoring capabilities during and after the transition. Key Responsibilities: Audit and document existing detection rules, use cases, and alert logic from the legacy SIEM. Rebuild or refactor detection rules using the native query language and capabilities of the new SIEM platform. Validate detection efficacy through rigorous testing and tuning. Ensure alert workflows, playbooks, and escalation paths are ...

Role & responsibilities 1. Ensure optimal operation of MDR solution, including software and applications. 2. Ensure effectiveness of security solutions in scope 3. Develop use cases and playbooks for SIEM and SOAR for effective and automated incident detection and handing. 4. Test SIEM SOAR and other solutions in scope to explore the right technical defense/remedy and provide performance statistics and reports. 5. Ensure adequate controls are in place to protect critical assets against any incidents or threats from the internal or external environment. 6. Co-ordinate with vendors/partners & internal teams to manage the lifecycle of security platforms including deployments, maintenance and op...

Warm Greetings from SP Staffing!! Role :SOC Analyst Experience Required :8 to 12 yrs Work Location :Bangalore Required Skills, L3 Incident Management Edr SIEM Threat intelligence Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Experience as SOC Analyst (L2/L3) or Incident Responder or Threat Hunter (minimum of 5 years) Ideally experience in areas of SOC, Cyber Security, Incident Responder, Penetration Testing or Digital Forensics Required Candidate profile Bachelor’s degree in Computer Science or Cybersecurity Any certification in area of IT Security is of advantage Experience in scripting and automation