Team Lead – Threat and Vulnerability Researcher – Security Operations Centre
Head Cybersecurity Operations
Our Cyber Security Operation function works to continuously strengthen cyber security posture through research, threat simulations, threat hunting, and offensive security engagements.
In this role, you will be responsible for proactively researching, investigating and mitigating the latest threats, and for working with a diverse team of incident response analysts, threat hunters, engineers, and internal and external partners to solve problems. We’re looking for Security Researchers who can apply their in-depth knowledge of security to identify intrusions and track the actors behind them through large-scale data analysis. You will join the group responsible for advanced threat detection capabilities. We are seeking individuals who are passionate about security.
Roles and Responsibilities
Track insights from security researchers and real incidents to develop durable attack detection capabilities across the kill-chain.
Author innovative logic and rules to detect attacks, leveraging the telemetry and intel available in our products.
Uncover attacker campaigns to disrupt them and protect our customers.
Track adversary activities to develop and enhance detections in our products.
Conduct research that yields new insights, hypotheses, algorithms, and prototypes that advance the state of the art in threat protection.
Improve the quality, effectiveness and accuracy of various detections running in our products.
Analyze activity to identify the weaknesses that were exploited and perform root cause analysis.
Proactively hunt threats, perform blue-team work, and conduct exploit and vulnerability research, all in order to find and close the holes exploited by bad actors.
Locate trends in abuse vectors, keep leadership apprised of their extent, and advocate for appropriate product changes to prevent future occurrences.
Work with cross-functional teams to resolve computer security incidents.
Continuously review security bulletins and related news; stay apprised of current threats and trends.
Should be comfortable being part of a 24x7 SOC service.
Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
Advanced certification desirable: GCIH, GCFA, GCDA, GCIA, GDAT, OSCP, CySA+, SEC+
Must have good written communication skills.
Minimum 2+ years’ experience in a Threat Researcher role, and experience working on a threat intel platform and in an advisory role.
Overall 4+ years of hands-on experience with a Security Information and Event Management (SIEM) tool such as Sentinel, as well as EDR and threat intel platforms.
Experience in endpoint security, malware sandbox, antivirus engines.
Experience in Incident Analysis and Response using industry standard frameworks such as MITRE ATT&CK and the Cyber Kill Chain
Must be able to validate findings, perform root cause analysis, and deliver recommendations for fixes.
Must have strong fundamentals in security concepts, cryptography, Unix architecture, and networking.
Strong scripting and automation skills are a must (Python preferred).
Must have excellent reporting and analytical skills.
In-depth knowledge of operating systems such as Windows, macOS, iOS or Android, and of the security protections these platforms offer, would be an added advantage.
Preferred Industry Certifications: GCIH, GCFA, GCDA, GCIA, GDAT, OSCP, CySA+, SEC+