Threat Hunter-L3

IBM · IN Hyderabad

Company

IBM

Location

IN Hyderabad

Type

Full Time

Job Description

Introduction
At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, let’s talk.

Your Role and Responsibilities
The Threat Hunter is a thought leader in security intelligence and operations. This Level 3 role is a Subject Matter Expert (SME) role and involves running threat hunting expeditions in your environment. He/She will develop suitable documentation and provide guidance to the team performing event analysis & use-case development.
We are seeking to hire an experienced Threat Hunter who will play a key role as part of the Cyber Defence Team, which includes Incident Response, SOC, Threat Hunting and Threat Intel.
  • The Sr. Cyber Threat Analyst will be defining and leading Threat Hunting COE hunt missions guided by threat intelligence, analysis of anomalous log data and/or brainstorming sessions with Threat Hunting COE teams.
  • Provide guidance on building and/or maturing Threat Hunting COE programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security.
  • Training teams in order to develop and automate detection of threat actor activities. The Sr. Cyber Threat Analyst will support the customer’s overall cyber threat analysis efforts.
  • Ensures that relevant threat indicators are infused in all aspects of program operations. The focus of the Cyber Security Threat Hunter is to proactively investigate security events to identify artefacts of a cyber-attack.
  • They will also be expected to participate in several different areas within the Security Operations and Incident Response process; these activities can include digital forensics, use case development, security control testing and hunt plan development.
  • Examine alerts from various security monitoring tools, perform triage & determine scope of threats.
  • Analyze logs, alerts and suspicious malware samples from the SOC platform deployed at the enterprise.
  • Using knowledge of the current threat landscape as well as the latest threat intel, threat actor techniques and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to the enterprise.


Required Technical and Professional Expertise

  • Minimum 6 years of experience in intelligence or technical analysis with a focus on cyber threat analysis and threat modelling to include preparing and presenting results.
  • Graduation in CS/ IT/ EC OR Information Technology/ MCA/ MTech
  • Hunt for security threats, identify threat actor groups and their techniques, tools and processes.
  • Perform analysis of security incidents for further enhancement of rules, reports and AI/ML models.
  • Perform analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors, uncovering the unknown about internet threats and threat actors.
  • Analyze events to differentiate between malicious and benign activity, and analyze malicious code, packet capture files and artefacts.
  • Examine alerts from various security monitoring tools, perform triage & determine scope of threats.
  • Analyze logs, alerts and suspicious malware samples from the SOC platform deployed at the enterprise.
  • Monthly tactical briefings on threat observations and findings to the customer stakeholders on threats to the enterprise.
  • Keep up to date with information security news, vulnerabilities, tools, techniques, exploits and trends.
  • Proactively identify potential threat vectors and work to improve prevention and detection methods.
  • Responsible for Threat-Intel platform & ensuring its optimal usage for enterprise security monitoring use-case & playbook tuning.


Preferred Technical and Professional Expertise

  • CISM / CISSP / OSCP / OSCE certified candidates preferred

Date Posted

03/04/2024
