Consultant - Threat Hunter Job

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.

At YASH, we re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth - bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.

We are looking forward to hire Threat Hunter Professionals in the following areas :

Job Title:

SOC Threat Hunter

Position Type:

Full Time

Department/Group:

Cyber Security

Profile Type:

SOC Threat Hunter

Location:

All India locations

Requirement Type:

External

About Yash Technologies

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences and drive business transformation. Working collaboratively with organizations including SAP, Microsoft, AWS, ServiceNow, Automation Anywhere, and Pega, we help clients realize exceptional value from their technology investments. With outstanding employee engagement and status as a preferred employer, we have been recognized as a Great Place to Work7 years in a row.

Job Description An experienced Threat Operations Hunter performs intelligence-driven network defense supporting the monitoring and incident response capabilities. The role involves analysis of large amounts of data from vendors and internal sources, including various indicator feeds, SIEM, and several threat hunting tools, etc. Threat Hunters perform the functions of threat operations and hunting and serve as the liaison for Threat Intelligence in the Security Operations Center, and mentor the incident handling, incident response, and forensics teams. Years of EXPERIENCE: 4 to 7 years Role and Responsibilities

• Conduct Proactive threat hunting using EDR and SIEM (Sentinel) tools to analyze data for indicators of compromise.
• Develop and test threat hunting hypotheses based on MITRE ATT&CK framework.
• Analyze large data sets to detect unusual patterns and potential threats.
• Propose and implement new queries to improve detection capabilities within SIEM systems.
• Fine-tune existing SIEM (Sentinel) queries to enhance accuracy and broaden the coverage of the threat detection
  landscape.
• Map active threat attack patterns to the Cyber Kill Chain to better understand and address security risks.
• Create and monitored dashboards based on TTPs to effectively visualize and track threat detections.
• Analyze critical security alerts and incidents to determine severity and potential impact, conducting deeper investigations into suspicious activities.
• Evaluate and correlate security events from multiple sources to identify potential threats, leveraging threat intelligence and contextual information.
• Conduct thorough reviews of security logs from various systems (firewalls, intrusion detection/prevention systems, EDR solutions) to identify anomalies or breaches.
• Perform root cause analysis on security incidents to understand underlying issues and prevent recurrence.
• create and maintain weekly/monthly reports for all SOC & TH activities.
• Contribute to the refinement of incident response processes, playbooks, and detection mechanisms to enhance overall security posture.
• Provide guidance and mentorship to junior analysts, sharing knowledge on best practices and new threats.
• Adhere strictly to the incident response plan when anomalies were detected, ensuring timely and coordinated
  responses.
• Provide actionable insights and recommendations to improve the organizations overall security posture.

PRIMARY SKILLS:

• Any degree and/or certifications in Engineering, Computers Science, or related field.
• 3+ years overall technical experience in either Threat Hunting, incident response, security operations, or related information security field.
• Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc
• Excellent analytical and problem solving skills, a passion for research and puzzle-solving.
• Expert understanding of large, complex corporate network environments.
• Strong communication (oral, written, presentation), interpersonal and consultative skills, especially in regard to white papers, briefs, and presentations.
• Scripting experience related to system administration and security operations (Python, PowerShell, SQL)

Tools: Azure Sentinel, Sophos XDR Keywords : Hypothesis, Mitre Attack, Threat Intelligence, Threat Hunter, Cyberkill chain Behavioral Attributes

• Demonstrates a can doattitude and is willing to stretch self to achieve and exceed defined goals/targets
• Displays awareness of customers stated needs and gives priority to meeting and exceeding customer expectations within stipulated time
• Explains ideas clearly and logically to others and is attentive in interactions
• Identifies the target audience for communication and carefully listens to their opinions and feedback
• Ability to work in Teams

Approved By:

Date:

4 Oct 2024

At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.

Our Hyperlearning workplace is grounded upon four principles

• Flexible work arrangements, Free spirit, and emotional positivity
• Agile self-determination, trust, transparency, and open collaboration
• All Support needed for the realization of business goals,
• Stable employment with a great atmosphere and ethical corporate culture