Job Title

Position: Senior Threat HunterExperience: 8+ YearsLocation: PuneAbout the Role: We’re not looking for someone who waits for alerts. We’re looking for someone who assumes we are already compromised and goes hunting.As a Senior Threat Hunter, you will proactively identify advanced threats, hidden attacker behaviours, and security blind spots across endpoint, cloud, identity, and SaaS environments. You will operate at the intersection of threat intelligence, detection engineering, and incident response — building capabilities, not just running playbooks. This role is for someone who thinks like an adversary, moves fast, and isn’t satisfied with “no alerts found” as an answer.Responsibilities:Design and run aggressive, hypothesis-driven threat hunting campaignsIdentify stealthy TTPs that bypass EDR, SIEM rules, and traditional detectionsHunt across multi-cloud, identity systems, endpoints, and network telemetryTranslate intelligence into detection logic and production-grade analyticsBreak existing detection systems and make them betterBuild reusable hunting playbooks and automation workflowsReduce dwell time and close telemetry blind spotsPartner closely with DFIR and red team to simulate real-world attack pathsMentor SOC analysts and elevate overall detection maturity Qualifications:6+ years in cybersecurity with deep hands-on experience2–4 years in threat hunting, DFIR, red teaming, or advanced SOC rolesStrong command of MITRE ATT&CK and attacker tradecraftAdvanced query skills (KQL, SPL, SQL)Experience with SIEM (Sentinel, Splunk, QRadar), EDR/XDR (CrowdStrike, Defender, SentinelOne), and cloud telemetryStrong understanding of identity attacks, lateral movement, privilege escalation, persistence mechanismsAbility to script in Python / PowerShell to automate investigationsExperience in hybrid cloud (AWS, Azure, GCP) and SaaS monitoringRequired Skills:Purple team exercisesAdversary emulationDetection engineering from scratchAI-assisted detection or anomaly modellingBuilt hunting programs in a fast-growing companyPreferred Skills:You question assumptionsYou treat “normal behaviour” as suspicious until proven otherwiseYou move fast but document cleanlyYou can explain complex attack chains to both engineers and leadershipYou don’t hide behind tools — you understand what’s happening under the hood Why This Role Is Different:You won’t just operate tools. You’ll influence architecture. You won’t just investigate alerts. You’ll design detections. You won’t just follow a SOC process. You’ll help redefine it.