Threat hunter

Posted: Dec. 29, 2021, 3:38 p.m. - Full Time - Hyderabad

Tactical Cyberange Simulations Pvt Ltd is seeking a Sr. Threat Hunter / Cyber Threat Analyst to support various client incidents. Additionally, this position assists in supporting breach investigations on behalf of partner organizations.

This position will be based in Hyderabad, India.

Responsibilities:

  • Advanced Cyber Analytics – Driving the hunting of threats using proactive and reactive hunting methodologies following the MITRE ATT&CK kill chain / matrix.
  • Tactical Intel Coordination – Focusing on partnerships and information sharing; supporting organizations on strategic direction to mitigate threats.
  • Adversary Disruption – Leveraging tactical, technical and legal capabilities to eradicate threats.

  • Support the investigation of, and contribute to the response to, large and small scale computer security breaches.
  • Characterize suspicious binaries, identify their traits and C2 infrastructure, and develop network and host-based IOCs.
  • Identify potentially malicious activity from memory dumps, logs, and packet captures.
  • Collaborate with other teams / partners in identifying threat groups and providing technical investigative capabilities.
  • Thoroughly review and analyze cyber threats, providing both internal and external parties with the key information needed to respond to a threat.
  • Interact with and assist other investigative teams within Cyberange and client infrastructure on time-sensitive, critical investigations.
  • Participate as part of a close team of technical specialists in coordinated responses to, and subsequent remediation of, security incidents.
  • Analyze intelligence from Cyberange's internal threat intelligence data and leverage external sources for supplemental intelligence.
  • Provide contextual information to Cyberange's internal Threat Intelligence team as well as partners to establish tactical briefings on threats.

Qualifications

  • Undergraduate degree in computer science, engineering, information science, or a related technical discipline.
  • 2+ years of related experience in cybersecurity or computer network defense.
  • Demonstrated relevant experience as a key member of a threat intel, incident response, malware analysis, or similar role.
  • Strong knowledge of malware families and network attack vectors.
  • Strong knowledge of Linux, Windows system internals.
  • Strong knowledge of web applications and APIs.
  • Understanding of payment card processing, related financial fraud and carding techniques.
  • Scripting, YARA, Snort, RegEx and PCRE experience is desirable.
  • Tangible experience combating crimeware or APT is a distinguishing factor.
  • Certifications such as OSCP, NSD or SANS DFIR are a plus, but skill level carries more weight.