This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Threat Hunter based in India.
We are seeking a cybersecurity specialist focused on proactively identifying and mitigating sophisticated threats across enterprise environments.
The role combines threat intelligence, security analytics, incident investigation, and advanced detection techniques to strengthen cyber defenses.
You will analyze complex security data, uncover hidden attacker activity, and develop strategies to prevent future incidents.
Working alongside security operations and engineering teams, you will enhance detection capabilities and improve overall security resilience.
The position offers exposure to modern cybersecurity platforms, emerging attack techniques, and advanced threat research.
You will contribute to a proactive security culture focused on innovation, collaboration, and continuous improvement.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Threat Hunter based in India.
We are seeking a cybersecurity specialist focused on proactively identifying and mitigating sophisticated threats across enterprise environments.
The role combines threat intelligence, security analytics, incident investigation, and advanced detection techniques to strengthen cyber defenses.
You will analyze complex security data, uncover hidden attacker activity, and develop strategies to prevent future incidents.
Working alongside security operations and engineering teams, you will enhance detection capabilities and improve overall security resilience.
The position offers exposure to modern cybersecurity platforms, emerging attack techniques, and advanced threat research.
You will contribute to a proactive security culture focused on innovation, collaboration, and continuous improvement.
Accountabilities:
- Conduct proactive threat hunting across enterprise networks, endpoints, cloud platforms, and hybrid environments.
- Identify Indicators of Compromise (IOCs), Indicators of Attack (IOAs), suspicious behaviors, and emerging attack patterns.
- Analyze security telemetry from SIEM, EDR/XDR, network monitoring, and cloud security platforms to uncover hidden threats.
- Investigate advanced persistent threats (APTs), ransomware attacks, insider threats, phishing campaigns, and zero-day vulnerabilities.
- Develop and execute hypothesis-driven threat hunting activities using threat intelligence and the MITRE ATT&CK framework.
- Perform malware analysis, digital forensics, and root cause investigations for complex security incidents.
- Create and optimize detection rules, analytics, queries, and use cases for security monitoring platforms.
- Collaborate with SOC, Incident Response, Digital Forensics, and Security Engineering teams to improve threat detection and response processes.
- Integrate threat intelligence feeds into security monitoring platforms and enhance detection logic.
- Automate repetitive threat hunting activities using scripting and security automation tools.
- Prepare detailed investigation reports, executive summaries, and remediation recommendations.
- Track emerging cyber threats, attacker tactics, techniques, and procedures (TTPs) to continuously improve defense strategies.
- Support security maturity improvements by sharing knowledge and mentoring junior security analysts.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 5–10 years of experience in cybersecurity, threat hunting, SOC operations, incident response, or related security roles.
- Strong hands-on experience with threat hunting methodologies, cyber threat intelligence, digital forensics, and malware analysis.
- Experience working with SIEM, EDR/XDR, and endpoint security platforms such as Microsoft Sentinel, Splunk, IBM QRadar, ArcSight, Microsoft Defender XDR, and CrowdStrike Falcon.
- Strong knowledge of MITRE ATT&CK Framework, IOC/IOA analysis, log analysis, and security telemetry investigation.
- Experience creating custom threat hunting queries, detection rules, and security analytics.
- Proficiency with Kusto Query Language (KQL), PowerShell, Python, and security automation practices.
- Strong understanding of Windows, Linux, Active Directory security, network protocols, and enterprise security architecture.
- Experience analyzing network traffic, including TCP/IP, DNS, HTTP, and SMTP protocols.
- Knowledge of cloud security environments such as AWS, Azure, or Google Cloud is preferred.
- Familiarity with security tools and frameworks including YARA, Sigma, Suricata, Zeek, Wireshark, SOAR platforms, and threat intelligence platforms is advantageous.
- Experience with Microsoft Security Copilot, Microsoft Entra ID, Palo Alto Cortex XDR, and other advanced security solutions is a plus.
- Strong analytical, investigative, problem-solving, and communication skills.
- Ability to work effectively under pressure during high-severity security incidents.
- Relevant certifications such as GCTI, GCIH, GCFA, CISSP, CEH, CySA+, Security+, SC-200, SC-100, Splunk certifications, or CrowdStrike certifications are preferred.
- Full-time opportunity focused on advanced cybersecurity operations and threat intelligence.
- Exposure to modern security technologies, threat detection platforms, and emerging cyber defense practices.
- Opportunity to work on complex security investigations and improve enterprise security maturity.
- Collaborative environment with cybersecurity professionals across multiple disciplines.
- Continuous learning opportunities and support for professional certifications.
- Competitive compensation package.
The Threat Hunter will be responsible for proactively detecting cyber threats, investigating security incidents, and improving enterprise detection capabilities through advanced hunting methodologies. Key responsibilities include:
Requirements:
The ideal candidate will have strong experience in threat hunting, cyber threat intelligence, incident response, and security operations, with the ability to investigate advanced cyber threats. Required qualifications include: