Threat Hunter

JD for Threat Hunter

About V Group

V Group Inc., an IT-based solution entity based out of New Jersey. With multiple offshore sites (Pune and Bhopal) in India. With offerings ranging from IT infrastructure to Product development, V Group Inc provides a compliant service in numerous industry sectors while maintaining structure, stability, and core values.

Ranked by INC5000 in 2020 - Fastest Growing IT Co. in the USA.

Current business groups include e-commerce, Digital, Professional services, IT projects, and Products. Join our team of innovative technical and business-savvy people; with a passion for creating solutions!

Visit us at: https://www.vgroupinc.com (Corporate website) || https://www.webstorevgroup.net (Ecommerce Store) || https://www.vgroupdigital.com/portfolio (Digital Products).

Job Details

• Position Title: Threat Hunter
• Job Location: Bengaluru
• Experience: 5+ Years of Relevant Exp.
• Primary Skill: TCP/IP, SMTP, DNS, TLS, XML, HTTP

Job Responsibilities

As a Threat Hunter, you will be responsible for proactively identifying, analysing, and mitigating potential threats across our environments. You will lead threat hunts, leverage data from multiple sources, and apply advanced techniques to detect suspicious behaviour and uncover threats. Collaborating with cross-functional teams, youll refine detection strategies and enhance our overall security posture. This is an exciting opportunity to make a significant impact by driving proactive security measures.

Responsibilities

• Performing day-to-day operations as a trusted advisor on advanced threat hunt for team
• Leading "hunt missions" using threat intelligence, data from multiple sources and results of brainstorming sessions to discover evidence of threats, insider misconduct, or anomalous behavior
• Utilizing advanced threat hunting techniques and tools to detect, analyze, and respond to anomalous activities. This includes Identifying threat actor groups and characterizing suspicious behaviors as well as being able to identify traits, C2, and develop network and host-based IOCs or IOAs.
• Finding evidence of threats or suspicious behavior and leveraging data to improve controls and processes; this will require a blend of investigative, analytical, security, and technical skills to be successful.
• Evaluating and making recommendations on security tools and technologies needed to analyze potential threats to determine impact, scope, and recovery.
• Ensuring gaps in detections are socialized with Cyber Security stakeholders; this includes identifying dependencies, recommendations, and collaborating to mitigate threats.
• Reviewing outcomes of incident lessons learned, root cause analysis, and on-demand compliance audits to ensure repeatable and sustainable processes are established, followed or adjusted when necessary.
• Acting as subject matter expert in internal and external audit reviews. This includes producing and presenting artifacts and executive summaries to support the overall mission.
• Participating in Purple Team, Threat Hunt, and tabletop exercises.
• Working closely with key cross-functional stakeholders to develop and utilize proactive and mitigating measures to prevent, detect and respond to potential threats to Verizon on prem and cloud environments.
• Presenting executive-level operational read-outs, metrics, and case reviews that accurately capture the effectiveness of the threat hunt team. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the Verizon landscape to senior executives, including the Chief Information Security Officer.
• Developing and executing long-term and short-term strategic goals and ensuring proper updates are socialized to appropriate stakeholders.
• Mentoring and advising team members by educating them on advanced techniques to help drive the operational and strategic growth of the organization.
• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvements.

Qualifications

• Bachelor's and/or masters degree in IT Security, Engineering, Computers Science, or related field/experience
• 5+ years overall technical experience in threat hunting
• Demonstrated experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.) or digital forensics (DFIR).
• Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc.
• Comprehensive knowledge utilizing system, cloud, application and network logs.
• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.
• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Fundamental understanding of tactics, technologies, and procedures related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT or Insider Threat
• Advanced experience with security operations tools, including but not limited to: SIEM (e.g., Splunk, Sentinel), Network analysis (e.g., Net Witness, Palo Alto)
• Knowledge of operating system internals, OS security mitigations & understanding of Security challenges in Windows, Linux, Mac, Android & iOS platforms
• Knowledge on query structures like Strong understanding of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin’s Cyber Kill Chain.
• Knowledgeable with Regular Expressions, YARA and SIGMA rules, AQL and KQL type and at least one common scripting language (PERL, Python, PowerShell)
• Excellent analytical and problem-solving skills, a passion for research and puzzle-solving
• Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements
• Experienced with direct customer communication in a service delivery role
• Ability to use data to 'tell a story'

Certifications

Certifications such as below or similar threat-hunting credentials are highly desirable.

• Certified Threat Hunting Professional eCTHP o Certified Incident Responder (eCIR)
• Certified Digital Forensics Professional eCDFP
• GIAC Certified Incident Handler Certification (GCIH)
• GIAC Enterprise Incident Response (GEIR)
• Network+, Security+, CISSP, CISM, GCIH, GCFA, GCFE, GREM and/or or cloud-specific certifications (ex: AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer)

Health & Accident Insurance

• Paid Leaves and Sick Leaves
• Education sponsorship / Certification Reimbursement
• Free Training Platforms
• Internet Reimbursement
• Gym membership
• EPF, Gratuity.
• US and UK Based Clients
• Onsite Opportunities to US, UK