Sr. Manager – Threat Hunting – Cyber Defense Centre (10+ years)

Location: Noida
Discipline: Analytics
Job type: Permanent
Contact name: Nishant Sharma

Contact email: nishant.sharma@crescendogroup.in
Job ref: 36905
Published: over 1 year ago

Sr. Manager – Threat Hunting – Cyber Defense Centre

Job opportunity for a working professional having at least 10 years of experience in Threat Hunting & Threat Intelligence Management.


Location: Noida


Job Description


  • General SIEM monitoring, research, analysis, and response for alerts, including log retrieval and documentation

  • Identifying weaknesses in the enterprise IT security controls, by design or implementation, and validating them by exploitation using various scenario-based techniques (manually and using tools)

  • Coordinating with control owners to get the weaknesses fixed and reporting progress to senior leadership; understanding of deception technology/honeypots/sinkholes would be desirable

  • Stay on top of emerging threats, widely exploited vulnerabilities, newly discovered zero-days, and advanced defensive techniques/solutions

  • Researching threats and vulnerabilities, reverse-engineering malware, and creating exploit kits as required

  • Threat hunting, reverse-engineering of phishing/malware attacks

  • Handling critical incidents/escalations, reviewing incidents and tracking towards closure

  • Team management, performance monitoring, and preparing weekly and monthly reports to share with stakeholders as needed

  • Good knowledge about common security attacks, targeted attacks

  • Contribute to continuous monitoring and improvement of the organization's security posture

  • Conduct analysis of network traffic and host activity across a wide array of technologies and platforms (DLP, EDR, firewalls, network devices, Windows-based Active Directory, etc.)

  • Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses

  • Capture intelligence on threat actor TTPs and develop countermeasures in response to threat actors

  • Analyze network traffic, IDS/IPS/DLP events, packet captures, firewall logs, and malicious campaigns, and evaluate the effectiveness of security technologies


Requirements:


  • B.Tech or equivalent; MSc in Cyber Forensics preferred

  • Certifications preferred: CISSP / GCIH / CREST / OSCP

  • Good experience in SIEM tools, event logging and event analysis, forensic analysis, and packet analysis tools like Wireshark, tcpdump, etc.

  • Good knowledge of enterprise security products such as SIEM tools, SOC tooling, security incident management, threat intel, malware analysis, firewalls, IPS, web/content filtering tools, AV, APT tools, Wireshark, tcpdump, EnCase or any other forensic toolkit

  • Very good understanding of security fundamentals and principles, attack techniques, TTPs, hacking tools, etc.

  • Vulnerability assessment and Penetration testing

  • Strong analytical and investigation skills

  • Experience with active threat hunting and adversary tracking

  • Working knowledge of security architectures and devices

  • Working knowledge of threat intelligence consumption and management

  • Working knowledge of root causes of malware infections and proactive mitigation

  • Working knowledge of lateral movement, footholds, and data exfiltration techniques


What is in it for you?

An opportunity to work with a global clientele in a fast-paced environment with a growth-oriented and enthusiastic team.


Reach us

If you think that this role will add value to your career, kindly email me your updated CV at Nishant.sharma@crescendogroup.in


Disclaimer: Crescendo Global is an ISO 9001:2015 certified Leadership Hiring consulting arm of Crescendo Group with expertise in mid to senior level niche recruitment. We are passionate about empowering job seekers and employers with an engaging memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status or disability status.


Profile Keywords: Threat Hunting, Vulnerability assessment and Penetration testing, SIEM