Responsible for conducting all threat-hunting activities necessary for identifying the threats including zero day. Hunt for security threats, identify threat actor groups and their techniques, tools and processes. Strong knowledge of APT lifecycle, tactics, techniques, and procedures (TTPs). Familiarity with MITRE ATT&CK framework and mapping threats to techniques. Provide expert analytic investigative support toL1 and L2 analysts for complex security incidents. Proficiency in malware behavior analysis and sandboxing. Perform analysis of security incidents for further enhancement of rules, reports, AI/ML models. Perform analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors uncovering the unknown about internet threats and threat actors. Analyse logs, alerts, suspicious malwares samples from all the SOC tools, other security tools deployed such as Anti-Virus, Anti APT solutions, EDR, IPS/IDS, Firewalls, Proxies, Active Directory, Vulnerability assessment tools etc. Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to customer. Proactively identify potential threat vectors and work with team to improve prevention and detection methods. Identify and propose automated alerts for new and previously unknown threats. Incident Response for identified threats. Strong knowledge of APT lifecycle, tactics, techniques, and procedures (TTPs). Hands-on experience with Trellix (formerly McAfee) APT solutions, EDR, and Threat Intelligence. Proficiency in malware behavior analysis and sandboxing. Familiarity with MITRE ATT&CK framework and mapping threats to techniques. Experience with security monitoring tools such as SIEM, SOAR, EDR, and Threat Intelligence Platforms (TIPs). Solid understanding of network protocols, endpoint protection, and intrusion detection systems.
Job Title
Sr Engineer