439 Threat Intelligence Jobs

Level: L3 Continuously monitor traffic flows and policy violations using Guardicores visualization tools. Tune segmentation policies based on observed behaviour, threat intelligence, and compliance requirements. Ensure proactive alerting and response to unauthorized communication attempts Act as L3 SME for micro segmentation-related incidents within the CDC (Cyber Defense Center) operations model Collaborate with SOC, SIEM, and WAF teams to correlate alerts and enforce containment strategies. Support 24x7 on-call operations for critical incident response and policy enforcement Participate in governance forums and SLA reviews to report on segmentation coverage, policy effectiveness, and incid...

Level: L3 Continuously monitor traffic flows and policy violations using Guardicores visualization tools. Tune segmentation policies based on observed behaviour, threat intelligence, and compliance requirements. Ensure proactive alerting and response to unauthorized communication attempts Act as L3 SME for micro segmentation-related incidents within the CDC (Cyber Defense Center) operations model Collaborate with SOC, SIEM, and WAF teams to correlate alerts and enforce containment strategies. Support 24x7 on-call operations for critical incident response and policy enforcement Participate in governance forums and SLA reviews to report on segmentation coverage, policy effectiveness, and incid...

Level: L3 Continuously monitor traffic flows and policy violations using Guardicores visualization tools. Tune segmentation policies based on observed behaviour, threat intelligence, and compliance requirements. Ensure proactive alerting and response to unauthorized communication attempts Act as L3 SME for micro segmentation-related incidents within the CDC (Cyber Defense Center) operations model Collaborate with SOC, SIEM, and WAF teams to correlate alerts and enforce containment strategies. Support 24x7 on-call operations for critical incident response and policy enforcement Participate in governance forums and SLA reviews to report on segmentation coverage, policy effectiveness, and incid...

Level: L3 Continuously monitor traffic flows and policy violations using Guardicores visualization tools. Tune segmentation policies based on observed behaviour, threat intelligence, and compliance requirements. Ensure proactive alerting and response to unauthorized communication attempts Act as L3 SME for micro segmentation-related incidents within the CDC (Cyber Defense Center) operations model Collaborate with SOC, SIEM, and WAF teams to correlate alerts and enforce containment strategies. Support 24x7 on-call operations for critical incident response and policy enforcement Participate in governance forums and SLA reviews to report on segmentation coverage, policy effectiveness, and incid...

Level: L3 Continuously monitor traffic flows and policy violations using Guardicores visualization tools. Tune segmentation policies based on observed behaviour, threat intelligence, and compliance requirements. Ensure proactive alerting and response to unauthorized communication attempts Act as L3 SME for micro segmentation-related incidents within the CDC (Cyber Defense Center) operations model Collaborate with SOC, SIEM, and WAF teams to correlate alerts and enforce containment strategies. Support 24x7 on-call operations for critical incident response and policy enforcement Participate in governance forums and SLA reviews to report on segmentation coverage, policy effectiveness, and incid...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Level -L3 Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats Validate and refine threat intelligence to ensure it is actionable and relevant Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms Collaborate with content developers to build and tune correlation rules and analytics Identify gaps in visibility and recommend improvements to logging and telemetry coverage Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA Recommend preventive and detective cou...

Role Overview: At OpenText, AI is a core aspect of our operations, driving innovation and transforming work processes to empower digital knowledge workers. As part of our team, you will play a crucial role in shaping the future of information management by leveraging your expertise. Key Responsibilities: - Perform monitoring, identification, investigation, documentation, resolution, and reporting of security alerts by prioritizing events based on risk/exposure. - Analyze Endpoint Detection and Response (EDR), Network, Cloud, and other traffic and log data to identify potential threats or vulnerabilities. - Generate tickets and incident reports for external clients and Tier 3 analysts. - Reme...

Role Overview: As a Cyber Security Specialist, you will play a critical role in safeguarding the organization's digital assets. Your focus will be on Cyber Threat Intelligence Services to identify and mitigate potential threats. Your expertise in Cyber Security and Cloud, along with experience in CrowdStrike, will be essential in ensuring the security of systems. This hybrid role offers flexibility to work remotely and on-site during day shifts. Key Responsibilities: - Lead the development and implementation of advanced cyber threat intelligence strategies to protect organizational assets. - Oversee the monitoring and analysis of security threats using CrowdStrike and other advanced tools. -...

Role Overview: You will be responsible for providing training in Ethical Hacking & IT security, Cyber Forensics, and working on IT Security projects including Vulnerability Assessment & Penetration Testing Projects. Key Responsibilities: - Demonstrate proficiency in tools such as Metasploit, OWASP top ten attacks, Burpsuite, Kali Linux, Acunetix, Nessus, Nmap, etc. - Conduct Vulnerability Assessment and Network Penetration Testing. - Perform Internal & External, Web App scanning, and Penetration testing using both manual methods and automated tools. - Possess a good understanding of Threat Intelligence and familiarity with domain tools. - Exhibit effective communication skills in English. - ...

Key Responsibilities Monitor and analyze threat intelligence using tools such as ZeroFox, Recorded Future, Digital Shadows, or similar platforms. Write comprehensive and technical cybersecurity reports with strong attention to detail. Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering. Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux. Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP. Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel. ...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve co...

About The Role Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Advisor, you will provide enterprise-level advice to make organizations cyber resilient. Your typical day will involve engaging with various teams to assess and mitigate cyber threats, developin...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementatio...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Red Teaming Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will oversee the strategic planning and execution of red team operations to emulate real-world threats and uncover security weaknesses across the organization. Your typical day will involve planning, scoping an...

Role & responsibilities The Cyberwatcher is responsible for: Maintain expert knowledge of Advanced Persistent Threat (APT) Tools, Techniques and Procedures(TTPs), forensics and incident response best practices. Use threat intelligence and threat models to build threat scenarios. Prepare and conduct threat-hunting campaigns to check threat scenarios. Research, analyze and correlate a wide range of data sets from any source. Proactive and iterative research into systems and networks to detect advanced threats. Reporting risk analysis and threat findings to the relevant stakeholders. Identify and provide automated alerts for emerging and historically unknown threats. Co-operate with multiple te...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve col...