Job Summary

Role Overview

We are seeking a highly skilled Senior Threat Hunter to lead proactive threat hunting initiatives and detect advanced cyber threats that evade traditional security controls. The ideal candidate will possess deep expertise in adversary tactics, threat intelligence, detection engineering, and incident response, with the ability to translate complex security findings into actionable business insights. This role acts as a Tier-4 escalation point, supports SOC maturity, and drives continuous improvement of detection and response capabilities across on-prem, cloud, and hybrid environments.

Key Responsibilities

Threat Hunting & Adversary Detection

• Lead hypothesis-driven threat hunting across endpoint, network, cloud, identity, and SaaS platforms.
• Detect advanced threats including APTs, insider threats, credential abuse, lateral movement, and fileless attacks.
• Analyze datasets from EDR/XDR, SIEM, NDR, email, identity, and cloud logs.
• Map findings to MITRE ATT&CK framework and attacker TTPs.

Detection Engineering & Automation

• Recommend , tune, and optimize detection rules in SIEM and EDR platforms.
• Translate hunt results into reusable detection use cases.
• Automate workflows using KQL, SPL, Python, PowerShell, and SOAR.
• Reduce false positives and improve signal-to-noise ratio.

Threat Intelligence & Research

• Consume strategic and tactical threat intelligence.
• Track emerging threats and attacker techniques.
• Participate in purple team exercises and adversary simulations.

Incident Response & Advanced Investigations

• Serve as escalation point for complex security incidents.
• Support containment, eradication, and recovery activities.
• Perform root cause analysis and post-incident reporting.

Cloud & Identity Security Hunting

• Conduct threat hunting in Microsoft 365, Azure, AWS, and other cloud environments.
• Detect OAuth abuse, MFA bypass, token theft, and persistence mechanisms.

Reporting, Metrics & Leadership Communication

• Prepare executive-level threat hunting and risk reports.
• Track metrics such as MTTD, dwell time, and ATT&CK coverage.

Mentorship & Program Maturity

• Mentor junior threat hunters , SOC analysts and Threat intel team .
• Develop hunt playbooks and training materials.
• Collaborate with Red Team, IR, GRC, and IT teams.

Required Skills & Qualifications

Technical Skills

• Experience with SIEM/SOAR platforms (Microsoft Sentinel, Splunk, QRadar)
• Hands-on with EDR/XDR solutions (Defender, CrowdStrike, SentinelOne and Splunk)
• Strong understanding of MITRE ATT&CK framework
• Proficiency in KQL, SPL, Python, and PowerShell
• Endpoint, network, and cloud forensics
• Cloud security expertise (Azure/AWS/GCP)

Professional Skills

• Strong analytical and problem-solving skills
• Excellent written and verbal communication
• Ability to explain complex threats to non-technical audiences
• Ability to work independently under pressure and ready for 24x7 support.

Preferred Certifications

• GCED, GCTI, GCIA, GMON
• CISSP / CISM
• Microsoft Security Certifications
• Cloud Security Certifications (Azure/AWS)

Key Responsibilities

1. To Create All Quality Documents| Collect Metrics Data And Conducting Audits. To Perform Value Creation And Km Activities
2. To Contribute Individually On Technical Aspects As An Sme.
3. To Coordinate With Team And Business Users.
4. To Ensure Process Improvement And Compliance, Participate In Technical Design Discussion, Review Technical Documents And To Provide Support On Issues.
5. To Gather Users/Business Requirements And Create Project Plans And Keep Track Of Schedule For On Time Delivery As Per The Defined Quality Standards
6. To Raise Risks| Issues And Escalation To Senior Management And Customer.

Skill Requirements

null

Other Requirements

null