7+ Threat analysis Jobs in India
Apply to 7+ Threat analysis Jobs on CutShort.io. Find your next job, effortlessly. Browse Threat analysis Jobs and apply today!
Key Responsibilities:
1. Threat Research: Research emerging cyber threats. You will monitor threat actor activities, study their tactics, techniques, and procedures (TTPs), and help identify potential risks.
2. Alert Triage and Incident Analysis: Support the analysis of security alerts generated by our in-house platform. You will work alongside the team to identify critical issues and provide timely intelligence to help mitigate threats.
3. Data Collection and OSINT: Assist in gathering and analyzing data using Open Source Intelligence (OSINT) methodologies. You will help collect relevant information to support ongoing threat investigations.
4. Report Preparation: Contribute to the preparation of threat intelligence reports for internal and external stakeholders. You will learn how to convey complex technical information in a clear and actionable manner.
5. SOP Development: Collaborate with the team to develop and refine Standard Operating Procedures (SOPs) for systematic threat analysis. Your input will help ensure that our procedures are efficient and scalable.
6. Cross-functional Collaboration: Work closely with various teams, including product development and data acquisition, to support the integration of new intelligence sources and improve the effectiveness of our threat intelligence platform.
Key Qualifications:
Educational Background: Completed a degree in Cybersecurity, Computer Science, Information Technology, or a related field.
Basic Knowledge of Cybersecurity: A foundational understanding of cybersecurity concepts, including web application security, threat analysis, and vulnerability assessment.
Familiarity with OSINT: Basic knowledge of Open Source Intelligence (OSINT) tools and methodologies for data collection.
Technical Skills: Familiarity with scripting languages such as Python, Ruby, or Go is a plus. Experience with automation and data analysis tools will be advantageous.
Communication Skills: Strong written and verbal communication skills, with the ability to learn how to convey technical findings effectively.
Problem-Solving and Adaptability: A proactive attitude with strong problem-solving skills. You should be comfortable learning in a fast-paced and dynamic environment.
Additional Skills:
Interest in Cybersecurity Challenges: Participation in bug bounty programs, Capture The Flag (CTF) challenges, or cybersecurity competitions is a plus.
Willingness to Learn: A keen interest in developing skills in threat intelligence, threat actor profiling, and behavioral analysis.
Helping leaders continuously improve their security posture
Company: A cyber security company, helping leaders continuously improve their security posture.
Team Size: 200 +
Responsibilities
- Analyze, plan, and develop requirements (and standards) for scheduled projects.
- Assign and oversee the daily tasks of technical personnel while ensuring the team is working toward established milestones.
- Hold regular team meetings to determine the progress and address any questions or challenges regarding projects.
- Determine and define clear deliverables, roles, and responsibilities for security engineers required for specific projects or initiatives.
- Research and evaluate different trends and technology in the cyber space and articulate the same to the team.
- Hands-on experience with vulnerability management tools and a strong technical understanding of, and experience in, assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, databases, and application servers.
- Strong written and verbal communication skills with the ability to collaborate through all parts of the business.
- A high-performance skill set that not only understands the threat space as it relates to risk, but is also able to meet the technical challenge of communicating this to our teams and customers.
- Leadership skills that bring out the best in the team, including both direct leadership and cross-functional capabilities.
- 5+ years in a vulnerability management program. Knowing not only how to assess vulnerabilities, but prioritize and drive remediation of the same.
- Ability to communicate at the executive leadership levels. Understanding how to translate technical gaps to business risk is critical for communication in this role.
- Reporting gaps in a meaningful way that addresses a business risk as well as providing technical solutions to the operations teams in remediation is key.
- Experience in interacting with auditors and regulators.
- Travel to client location (within India and abroad) as and when required.
- Conduct exit briefing and presentation to clients and relevant stakeholders.
- Work with pre-sales on technical proposals and RFP responses.
- Certification in Project Management or related technical field will be an added advantage.
- Experience in working in a highly collaborative environment and promoting teamwork.
- Ability to predict challenges and proactively head off obstacles.
Education: Bachelor's degree in Computer Science, Information Systems, or equivalent education or work experience
Experience: 12-16 years
Location: Chennai (Hybrid)
Compensation: Best in Industry
Why should we talk?
We are a bunch of passionate cybersecurity professionals who are building a culture of security. Today, cybersecurity is no longer a luxury but a necessity, with a global market value of $150 Billion. Our vision is to make cybersecurity available for all, not just the Fortune 500 companies.
We live by a people-first approach. We firmly believe that our employees should enjoy what they do. We provide a hybrid work environment with competitive, best-in-industry pay, along with an environment to learn, thrive, and grow. Our hybrid working environment allows employees to work from the comfort of their homes or from the office if they choose to. For the right candidate, this will feel like your second home.
If you are passionate about cybersecurity just as we are, we would love to pick your brains.
1. Triage of security alerts, including but not limited to malware, denial of service, and unauthorized access.
2. Conduct incident investigations on SIEM tools.
3. Perform threat hunting on networks to detect and isolate threats.
4. Knowledge of various security methodologies and processes, and of technical security solutions (firewalls, packet analysis, SIEM, and intrusion detection systems).
5. Continuous optimization, tuning, and monitoring of the SIEM solution.
6. Hands-on experience administering and threat hunting on EDR, XDR, DLP, and SIEM tools.
7. Ability to analyze endpoint, network, and application logs.
8. Identify false positives; analyse reported spam, phishing, and suspicious emails; and understand email security concepts: SPF, DMARC, DKIM.
9. Immediate Joiners
- Develop efficient strategies to protect the system, the networking infrastructure, data, and information systems against potential threats/cyber risks
- Routinely performing threat analysis, system checks, and security tests
- Defining and updating information security criteria and validation procedures
- Work with different stakeholders to understand safety and security issues and fix the problems together.
- To be a security representative or point of contact for all technical deliveries, initiatives, and project implementations.
- To develop technical processes and procedures and promote compliance in line with regulations, corporate policies, or standards such as ISO 27001.
- Assess technical security risks in terms of impact on systems and service confidentiality, integrity, and availability, and report and escalate results of risk assessments.
- Report any real or potential security breaches/vulnerabilities to various stakeholders and provide technical support during incident response
- Monitor security tools to detect security events and incidents; report and escalate any security breaches to the Information Technology Security Officer.
- Operate vulnerability scanning and compliance tools to identify system weaknesses
- Represent IT Security matters at technical and business forums.
Desired candidate profile :
- Relevant experience in the information security field
- Relevant experience working with ISO Policies, and GDPR guidelines.
- Strong knowledge of network architecture and security concepts related to routing
- Exceptional attention to detail
- Excellent analytical and problem-solving skills
- Great team player and able to work efficiently with minimal supervision
- Excellent communication skills, both written and verbal, and the ability to work with different stakeholders on reducing security risks.
- Able to handle and cope with stressful situations and understand the pressures of a start-up environment.
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5's Edge 2.0 platform provides a global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide the visibility and alerts needed to defend the platform effectively.
Responsibilities:
- Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
- You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
- You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
- You will work with other teams within the security organization to define communication and alerting protocols for effective and timely action
- You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
- Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members
Minimum qualifications:
- BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
- Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
- Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
- Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, and set up and tune alerts based on thresholds and policies
- Hands-on experience with programming and/or scripting languages such as Python, Java, Shell
- Good understanding of complexities and security challenges in large-scale distributed systems
- Working knowledge of cloud orchestration systems such as Kubernetes, OpenStack, etc.
- Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
- Excellent written and verbal communication skills
- Strong interpersonal, team building, and mentoring skills
Job Description
Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)
Responsibilities:
Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.
Understand APT groups and conduct deep-dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypotheses and perform active threat hunting.
Minimum Requirements:
10+ years of overall experience, including 7+ years of experience in cyber threat intelligence and malware analysis (reverse engineering)
Hands-on experience writing threat hunting hypotheses and performing active threat hunting
Experience with YARA rule and OpenIOC signature creation.
Experience with multi-tiered mission-critical systems.
Experience with open-source sandboxes and honeypots.
Preferred Certifications
GIAC Cyber Threat Intelligence (GCTI)
C|TIA (Certified Threat Intelligence Analyst)
CCTIA by the NICCS
- Handling critical incidents and escalations, reviewing incidents and tracking them to closure
- Good experience in SIEM tools, event logging and event analysis
- Good knowledge of enterprise security products such as firewalls, IPS, web/content filtering tools, and compliance tools
- Team management, performance monitoring, and preparing weekly and monthly reports to share with stakeholders as needed
- Good knowledge of common security attacks and targeted attacks
- Good experience in forensic analysis and packet analysis tools such as Wireshark
- Assisting and mentoring L2/L3 analysts and grooming them to move to the next level
- Contributing to continuous monitoring and improvement of the organization's security posture
- Experience managing a team of 25+ members across multiple locations
- Primarily responsible for security event monitoring, management, and response
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring
- Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs
- Responsible for team and vendor management, overall use of resources, and initiation of corrective action where required for the Security Operations Center
- Management, administration, and maintenance of security devices under the purview of the SOC, which consists of state-of-the-art technologies
- Perform threat management and threat modeling, identify threat vectors, and develop use cases for security monitoring
- Responsible for integration of standard and non-standard logs in the SIEM
- Creation of reports, dashboards, and metrics for SOC operations and presentation to senior management
- Coordination with stakeholders, building and maintaining positive working relationships with them