- Digital forensics investigations to analyze and understand the root cause of security incidents, utilizing M365 Defender logs and data. Document findings and prepare comprehensive incident reports.
- Monitor security alerts and events, ensuring timely identification and escalation of potential threats with a focus on M365 Defender's monitoring capabilities. Utilize M365D product suite (MDE/MDO/MDI etc) and other SIEM tools to enhance the customer's security posture.
- Strong understanding of cloud architecture, services, and deployment models, as well as common security threats and attack vectors targeting cloud environments.
- Proactively search for indicators of compromise (IoCs) and emerging threats within the customer environment. Develop and execute threat hunting strategies.
- Work closely with other SOC team members and IT personnel to share threat intelligence and enhance overall security awareness.
- Analytical skills with the ability to interpret complex datasets and generate actionable insights.
- This role involves working in a 24x7 shift pattern. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.Industry leading healthcareEducational resourcesDiscounts on products and servicesSavings and investmentsMaternity and paternity leaveGenerous time awayGiving programsOpportunities to network and connect
-
Threat Hunter
3 hours ago
Cyble Inc. bangalore, IndiaAbout the Role: · The Cyber Threat Hunter will have an opportunity to lead threat hunting missions to support our global research and client threat intelligence teams. · He/She will track emerging threats and threat actors and Advanced Persistent Threat groups, evaluate, and prio ...
-
Threat Hunter
3 hours ago
Cyble Inc. Bengaluru, IndiaAbout the Role: · The Cyber Threat Hunter will have an opportunity to lead threat hunting missions to support our global research and client threat intelligence teams.He/She will track emerging threats and threat actors and Advanced Persistent Threat groups, evaluate, and priorit ...
-
Threat Hunter
1 week ago
LTIMindtree Bangalore Urban, IndiaSkills : Threat Hunting · Experience : yrs · Location : All LTIM Office Locations · Job Description: · Mandatory Skills · 1. Experience in Threat Intelligence & Hunting · 2. Experienced in discovering and gathering Threat data from intelligence feeds · 3. Prior experience of dev ...
-
Senior Threat Hunter
2 days ago
SentinelOne Bengaluru, IndiaAbout Us: · SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelO ...
-
Cyble - Threat Hunter - Cyber Security
3 hours ago
CYBLE INC bangalore, India permanentAbout the Role : · The Cyber Threat Hunter will have an opportunity to lead threat hunting missions to support our global research and client threat intelligence teams. · He/She will track emerging threats and threat actors and Advanced Persistent Threat groups, evaluate, and pri ...
-
ColorTokens - Threat Hunter - Cyber Security
3 hours ago
Colortokens bangalore, India permanentThe Threat Hunter will be responsible for identifying advanced persistent threats using automated models, develop new models based on latest attack patterns, analysis of anomalous log data, provide expert analytic investigative support for complex security incidents. · The focus ...
-
Incident Response Associate
3 days ago
ZeroFOX Bengaluru, Karnataka, India**OPPORTUNITY OVERVIEW** · - ZeroFox seeks an Incident Response Associate to leverage their experience and skills to deliver cybersecurity guidance and services to customers who are preparing and responding to cyber incidents. In this role, you will use your deep understanding of ...
-
KPMG Global Services
3 hours ago
KPMG India bangalore, IndiaJob Title: · Manager - Cyber Threat Intelligence, Security Monitor & Response · Job Summary: · IOC validation/sweeps/ investigations. Assistance in automating workflows (highly desirable). Producing Daily CISO CTI report. Tuning/ responding to alerts from CTI tools regardin ...
-
Cyber Security Specialist
3 hours ago
Lenovo bangalore, India Full timeDescription and Requirements · As a Cybersecurity Threat Hunter, you will: · • Identify (hunting) and profiling threat actors and Tactics, Techniques, Procedures (TTPs). · o Conducting proactive threat hunting activities to identify potential security threats and vulnerabilitie ...
-
KPMG India bangalore, IndiaAbout KPMG in India · KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with ...
-
KPMG Bengaluru / Bangalore, India Full timeAbout KPMG in India · KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with ...
-
KPMG Global Services
3 hours ago
KPMG India Bengaluru, IndiaJob Title:Manager - Cyber Threat Intelligence, Security Monitor & Response · Job Summary:IOC validation/sweeps/ investigations. Assistance in automating workflows (highly desirable). Producing Daily CISO CTI report. Tuning/ responding to alerts from CTI tools regarding topics su ...
-
Platform Support Specialist
1 week ago
timesjobs Bengaluru/ Bangalore, India Full timePlatform Support Specialist - Team Lead Bengaluru · Operations Operations - India / · Full-time · / Hybrid · BIG NEWS · is officially a public company, and were on a mission to make the internet safer. Read more here: · OPPORTUNITY OVERVIEW · seeks a multi-talented, quick-thinkin ...
threat hunter ii - Bengaluru, India - Microsoft
Description
Overview
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
We are the Microsoft 365 Defender Experts team, and we are committed to defending Microsoft customers from sophisticated cyber-attacks and adversaries. Our mission is to help protect customers with a truly innovative proactive approach, advising on emerging trends, and engaging in valuable partnerships. As the Research organization within Defender Experts, it's our job to stay one step ahead of malicious adversaries and predict the threats of the future. We work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, their tools and infrastructure. We are always learning. Insatiably curious. We lean into uncertainty, take risks, and learn quickly from our mistakes. We build on each other's ideas, because we are better together. Our security products are brought together in the Microsoft 365 Defender (M365D) suite. M365D enables Microsoft's enterprise customers to detect, investigate, understand, and respond to advanced threats on their networks via a combination of behavioral sensors, security analytics, and threat intelligence. We are looking for a Threat Analyst to join our defender Experts team. In this role you will use deep knowledge of the attacker landscape and rich telemetry from our sensors across wide range of Microsoft security products to respond to the potential adversaries or suspicious activities in the customer environment.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Qualifications
Bachelor's degree in a relevant field or equivalent work experience.
• 5+ years of experience in a SOC environment, with a focus on incident response, threat hunting, and host forensics, specifically leveraging M365 Defender product suite.
• Proficiency in using SIEM tools and other security technologies. Ability to track, analyze, and brief on new and ongoing cyber-attacks.
• Knowledge of operating system internals, OS security mitigations & understanding of Security challenges in Windows, Linux, Mac, Android & iOS platforms
• Profound knowledge of kill-chain model, ATT&CK framework.
• Knowledge of major cloud and productivity platforms as well as identity systems and related security concern.
• Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements.
• Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC certifications
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Responsibilities