Threat Hunter - Bengaluru, India - LTIMindtree

    LTIMindtree
    LTIMindtree Bengaluru, India

    2 weeks ago

    LTIMindtree background
    Description

    Skills :
    Threat HuntingExperience : yrsLocation : All LTIM Office Locations

    Job Description:
    Mandatory Skills1. Experience in Threat Intelligence & Hunting2. Experienced in discovering and gathering Threat data from intelligence feeds3. Prior experience of developing methodologies for threat data mining to uncover the threat actors and threat vectors4. Experienced in maintaining, developing, and continuously evaluating cyber threat intelligence, & threat intelligence/data sources5. Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical) applicable to Carrier6. Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs)7. Regularly develop and produce written cyber, brand and threat intelligence reports8.

    Provide support to the Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence9.

    Draft, edit, and disseminate threat intelligence information/briefs to stakeholders, executive leadership, and others10. Monitoring of security procedures and practices; recommend optimizations and improvements when gaps are identified11. Collaborate with Monitoring and Incident Response team & Content Engineering team to build proactive detection logic for threat detection12. Assist the SOC Monitoring & IR team in analysis and resolution of Major incidents.13. Leverage Threat Intelligence gathered to execute Threat Hunting campaigns.

    Following types of Threat Hunting campaigns will be executed –o Threat Indicator driven threat huntingo Hypotheses driven threat huntingo MITRE ATT&CK framework driven hunting campaigns14.

    Escalate true positives to Incident status and assist in relevant incident response15. Perform end-to-end threat hunting, developing, maturing and maintaining TTP or attack pattern detection techniques16. Perform the full threat hunting cycle, including recommendations for EDR detection rules17. Collaborate with IR team to recommend and mitigate the effects caused by an incident.18.

    Perform technical cyber security investigations on security incidents, root cause analysis and deep dive analysis of malicious artifacts, analyze threat intelligence, identify TTP and attack patterns.19.

    Help mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.20.Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.