Για εργοδότες
Flag button to switch language
Flag button to switch language
Για εργοδότες
SOC Threat Hunter
Company logo - click to visit company page
Teleperformance Greece
2001-30000
Εξυπηρέτηση πελατών / Τηλεφωνικό κέντρο
Δες 318 Θέσεις εργασίας
ΤαύροςΤοποθεσία
Ταύρος
πριν 11 μέρες
Ημ. ανάρτησης
πριν 11 μέρες
Με κάποια εμπειρίαΕπίπεδο εμπειρίας
Με κάποια εμπειρία
Πλήρης απασχόλησηΤύπος απασχόλησης
Πλήρης απασχόληση
ΠληροφορικήΚατηγορία θέσης
Πληροφορική
Εργασία από απόσταση κάποιες ημέρεςΤηλεργασία
Εργασία από απόσταση κάποιες ημέρες

The Threat Hunting team is expected to deliver knowledge of attack techniques and tactics for new or evolving threats to the rest of SOC organization, identify early warnings alerts and provide integration of the intel into existing cybersecurity tooling stack.

They will be also expected to participate in different areas within Security Operations and Incident Response process; these activities can include digital forensics, use case development, security control testing, and hunt plan development.

Working within the Security Operations Center team, the Threat Hunter is responsible for reviewing system log events and data packets to proactively detect advanced threats that evade traditional security solutions They will ensure that new environments are identified and understood to enable accurate and actionable reporting for other tiers of Security organization and additionally is expected to actively participate in developing processes, procedures, training, etc. for new technologies.

 

The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.

Key Responsibilities and Accountabilities:

  • Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)
  • Capture intelligence on threat actor TTPs/IOCs and coordinate with SecOps pods to develop countermeasures
  • Provide forensic analysis of network packet captures, DNS, proxy, netflow, malware, host-based security and application logs, as well as logs from a variety of security sensors
  • Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools
  • Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to management
  • Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Develop advanced queries and alerts to detect adversary actions
  • May perform other relevant duties as requested.

Educational Background:

  • Bachelor’s degree in computer science, Information Security, or a related field.

Technical Skills:

  • 3+ years of experience in Information Security (Required)
  • 1+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Required)
  • Experience with packet analysis and usage of deep packet inspection toolsets.
  • Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix.
  • Familiarity with EDR/SOAR/Anomaly detection solutions
  • Prior experience working with in the following areas: (Desired)
  • Computer Incident Response Team (CIRT)
  • Computer Security Incident Response Center (CSIRC)
  • Security Operations Center (SOC)
  • Experience with APT/crimeware ecosystems (Desired)
  • Industry certification such as the following: (Desired)
  • SANS (GCIH, GPEN, GWAT, GXPN, GCFA, GCFE, GREM)
  • Offensive Security (OSCP, OSWE, OSCE, OSEE)

Soft Skills:

  • Excellent communication skills (both written and verbal)​
  • Detail-oriented
  • Critical thinking
Σχετικά tags
ΠΕΡΙΛΗΨΗ ΘΕΣΗΣ
SOC Threat Hunter
Company logo - click to visit company page
Teleperformance Greece
Ταύρος
πριν 11 μέρες
Με κάποια εμπειρία
Πλήρης απασχόληση