Sr. Manager – Threat Hunting – Cyber Defense Centre
Job opportunity for a working professional having at least 10 years of experience in Threat Hunting & Threat Intelligence Management.
Location: Noida
Job Description
General SIEM monitoring, Research, analysis, and response for alerts; including log retrieval and documentation
Identifying weaknesses in the enterprise IT -security controls by design or implementation and validate by exploiting using various scenario-based techniques. (Manually and using tools)
Coordinating with control owners to get the weaknesses fixed and report to the senior leadership the progress understanding of deception technology/ honeypots/sinkhole would be desirable
Stay on top of emerging threats, widely exploited vulnerabilities, discovered zero days and advanced defensive techniques /solutions.
Researching on threats and vulnerabilities, reverse malware engineering and creating exploit kits as required
Threat hunting, reverse-engineering of phishing/malware attacks
Handling critical incidents/escalations, reviewing incidents and tracking towards closure
Team Management, performance monitoring and prepare reports on weekly, monthly basis and share to stakeholders as needed
Good knowledge about common security attacks, targeted attacks
Contribute to continue monitoring and improvement of security posture of the organization
Conduct analysis of network traffic and host activity across a wide array of technologies and platforms (DLP, EDR, Firewall, Network devices, Windows based Active Directory etc.)
Identify gaps in IT infrastructure by mimicking an attackers behaviors and responses
Capture intelligence on threat actor TTPs and develop countermeasures in response to threat actors
Analyze network traffic, IDS/IPS/DLP events, packet capture, and FW logs; malicious campaigns and evaluate effectiveness of security technologies
Requirements:
B. Tech or equivalent; MSc Cyber Forensics Degree Certifications preferred –
(CISSP / GCIH / CREST / OSCP)
Good experience in SIEM tools, event logging and event analysis and experience in forensic analysis, Packet Analysis tools like Wireshark, TCP Dump etc.
Good knowledge in enterprise security products like SIEM tools, SOC, Security Incident Management, Threat Intel, Malware analysis, Firewalls, IPS, Web/content Filtering tools, AV, APT Tools, Wireshark, TCP Dump, Encase/Any other Forensic tool kit
Very good understanding of security fundamentals and principles, attack techniques, TTP, hacking tools etc.
Vulnerability assessment and Penetration testing
Strong analytical and investigation skills
Experience with active threat hunting and adversary tracking
Working knowledge of security architectures and devices
Working knowledge of threat intelligence consumption and management
Working knowledge of root causes of malware infections and proactive mitigation
Working knowledge of lateral movement, footholds, and data exfiltration techniques
What is in it for you?
An opportunity to work with global clientele in a fast-paced environment with a growth oriented & enthusiastic team.
Reach us
If you think that this role will add value to your career, kindly write me an email along with your updated CV on Nishant.sharma@crescendogroup.in
Disclaimer: Crescendo Global is an ISO 9001:2015 certified Leadership Hiring consulting arm of Crescendo Group with expertise in mid to senior level niche recruitment. We are passionate about empowering job seekers and employers with an engaging memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status or disability status.
Profile Keywords: Threat Hunting, Vulnerability assessment and Penetration testing, SIEM