Job Description (Posting). JD for Threat Hunting Provide technical leadership for the delivery team, responsible for L3 incident resolution. Coordinate SOC efforts across multiple business units during response. Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and response to threats Should be able to leverage SIEM, XDR, and EDR solutions to identify threats more quickly and with greater context for faster resolution. Have the most up-to-date resources on current trends. Stay informed on the latest emerging threats and tactics. Notify/Train employees to identify and report suspicious behaviors. Reduce the possibility of insider threats by keeping your people informed. Be able to, Create a theory or hypothesis Conduct research Identify the trigger Investigate the threat Respond and remediate Prepare reports, summaries, and other forms of communication that may be both internal and client facing. Maintaining familiarity with industry trends and security best practices. Work/guide on scripting like Python, Perl, Bash and/or Shell scripting Evaluating Email Security solutions for policies like Sender Policy Framework(SPF) and Domain Keys Identification Mail(DKIM), recommend finetuning. Effectively communicate/present security concepts with both technical and non-technical individuals Author post mortem reports to be provided to senior leadership following an intrusion or red team engagement. To clealry understand the client's cybersecurity environment and respective technological products. (2.) To identify and mitigate cybersecurity gaps in the client's environment and Skill Enhancement (3.) To complete assigned projects and tuningortechnical enhancement activities within the agreed timelines and support in the maturation of client's security postureorcomplianceorprocesses through idea generation and value creation. (4.) To analyse security concerns in Change Management Process and implement tools for Cyber Security improvement. (5.) To investigate cybersecurity incidents, perform RCA, work and coordinate with teams for all the ongoing critical security issues. (6.) To enable knowledge transfer through creationor maintenance of process documents; and training for specific tools to ensure all team members are updated on the tools and processes used (7.) To update client and stakeholders on current project progress and ongoing critical issues Qualification B.E, BBA, BCA, BCom, B-Tech, M.E., MBA, MCA No. of Positions 1 Skill (Primary) INFORMATION SECURITY-SOC ANALYST-SECURITY EVENT INVESTIGATION Auto req ID 1388437BR
