Sr.Threat Analyst--Cyber Security @ Creeno Solutions

Position: Senior Threat Analyst

Experience: 3 to 6 yrs

Job Location: Hyderabad

Job Type: Permanent

Threat Hunter and Threat intelligence with 3 years of experience)
Position Summary
The Cyber Threat Hunter will be a key member of the Threat Intelligence and Detection team within metmox Global Security Center. The Cyber Threat Hunter will be responsible for creating threat hunting processes and use cases, turning threat intelligence into actionable detection of adversary behaviors. The primary responsibility of a threat hunter is to proactively and iteratively discover signs of current or past malicious activity within client environments. The threat hunter will work with our suite of security tools to identify suspicious activities and will use more advanced techniques to discover threats that may have eluded detection. The Cyber Threat Hunter will be expected to be results-oriented, multi-disciplined, and passionate about assessing and improving the security of diverse and complex systems according to industry regulations and information security governance framework.
Core Responsibilities
Extensive knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures
Conduct 'Hunt Missions' using threat intelligence, analysis of anomalous logs data.
Knowledge of MITRE attack framework.
Patch reconnaissance and OSNIT
Perform analysis of Netflow, network traffic logs, DNS query logs, proxy logs, network packet captures, as well as other logs form applications and operating systems.
Analyze and hunt for various threat actor groups, attack patterns and tactics, techniques and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets.
Contribute to the development of use cases and threat detection logic to enhance threat detection capabilities.
Continuously improve processes for use across multiple detection sets for more efficient security operations.
Provide expert level support for larger scale or complex security incidents. Documenting best practices for threat hunting and detection development.
Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response and mitigation strategies used in Cybersecurity operations.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Threat Intelligence, Penetration Testing, etc.
Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
Respond to threats on finding anomaly detection to identify potential threats, suspicious activity, and intrusions
Monitor for security indicators by analyzing a variety of application, network and host-based security logs and resolving accurate remediation actions and critical issue paths for each incident
Need to perform internal and external threat hunting, preparing the reports for management with the identified anomalies along with the action plans
Mapp all the SIEM use-cases with MITRE framework to understand the risk posture from APT attacks perspective and prepare new use cases to have better coverage for all techniques and tactics used by APT groups. also preparing the necessary SOPs aligned with the NIST framework,
Required Experiences
3 years of overall experience
1 3+ years of recent experience in a technical security role (such as in a SOC, Incident Response team, Malware Analyst, Threat Analyst, Threat Hunting, Pen Tester, Adversary Simulation, etc..).
Demonstrated technical experience with Windows and/or Unix/Linux operating systems including command-line tasks and scripting.
Demonstrated technical experience with Networking (data flows, architecture, protocols, traffic analysis, wireless, etc.).
Demonstrated experience working with extremely large data sets, using tools and scripting languages like SIEM Tools (i.e. Splunk, Qradar, Chronicle), , EDR tools (e.g. Tanium, Microsoft Defender ATP, etc.)
Experience with advanced persistent threats and human adversary compromises.
Experience pivoting across the Diamond Model and all stages of the kill-chain
Experience using the Pyramid of Pain in conjunction with MITREs ATT&CK Framework to develop threat hunting hypothesis.
Experience working with security intelligence, data analytics, security incident response, and forensic investigation teams.
Good research and documentation skills including knowledge of major OSINT sources and their investigatory value.
Knowledge of current hacking techniques, vulnerability disclosures, and data breach incidents, and security analysis techniques.
Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices.
Knowledge coding experience in at least one of the following Bash, PowerShell, Python, JavaScript, PERL, or Ruby .
Knowledge with threat modeling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits.
Knowledge with Cloud Infrastructure monitoring.
Strong ability to work effectively in a team environment as a mentor.
Proven ability to partner with staff and managers in the Information Security and Information Services organizations.
Demonstrated interpersonal skills, highly self-motivated and including conflict resolution.

Candidates who are available immediate or within 15 days to join are preferred to apply.

Interested candidates who are fitting the bill as aforesaid, please apply with your latest resume in word format to: shiva.g at creenosolutions.com or you may call at 9885170*** for more details.