NTT - L3 Security Managed Services Engineer - Threat Hunting (8-12 yrs)

Reports To Indicate designation of Reporting Manager

Team Lead IT Operations

Work Hours

General :

Primary Responsibilities :

- Advanced Cyber Analytics, Proactively drive hunting and analysis against the dataset available for customers

- Work with our security operations center (SOC) and take the lead role in threat detection and incident response activities

- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure

- Use Big Data Analytics platform to identify threats, determine root cause, scope, and severity of each and compile/report findings

- Work with Threat Intelligence and Malware solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise

- Leveraging tactical and technical intelligence for eradication of threats

- Characterize suspicious binaries and be able identify traits, C2, and develop network and host-based IOCs

- Identify potential malicious activity from memory dumps, logs, and packet captures

- Through review and analysis of cyber threats, provide both internal & external parties key information to respond to threat

- Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents

- Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture

- Create Threat Models based on MITRE ATT&CK framework and cyber

kill chain for customers :

- Linking of threat models with SIEM use cases and hunting exercises

- Basic Malware Analysis

- Work with SOAR platforms to generate and configure orchestration workflows and responses

Secondary Responsibilities :

Experience : 11-12 yrs

Educational :

- Qualification : BE/BSC(Comp/IT) (or equivalent)

Technical Skills :

- Advanced operational experience as a Cyber Threat Hunter

- Experience of current threats, vulnerabilities, and attack trends

- Critical thinking and problem solving skills

- Experience with SIEM (DNIF/Qradar), BIG data platforms, Threat Intelligence solutions

- Familiarity with NetFlow data, packet analysis and operating system knowledge

- Certifications like GCIA or GCIH, CTIA etc. will be given preference

Soft Skills :

- Excellent oral & written communication skills.

- Excellent presentation skills.

- Leadership skills.