Senior Threat Hunter

This is a fully remote position, open to applicants in India.

📋 Description

• Monitor and assess threat intelligence utilizing tools such as ZeroFox, Digital Shadows, or comparable platforms.

• Compose detailed and technical cybersecurity reports with a keen attention to detail.

• Employ OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web searches for gathering threat intelligence.

• Create, maintain, and enhance custom threat intelligence feeds using platforms like MISP, incorporating scripting in Python, Azure, and Linux.

• Oversee threat intelligence feeds through platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP.

• Integrate threat intelligence feeds into widely used SIEMs, particularly Microsoft Sentinel.

• Carry out domain and social media account takedowns as required.

• Generate tailored, detailed reports according to client specifications.

• Utilize knowledge of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain during threat analysis.

• Use Excel and/or Power BI for data visualization and creating graphs.

• Prepare and present PowerPoint presentations and reports to stakeholders.

• Maintain strong verbal and written communication skills in English.

• Work independently under pressure while effectively prioritizing tasks.

• Be available for on-call duties for urgent, high-priority tasks.

• Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing responsibilities.

⛳️ Requirements

• Minimum of 3 years of experience using threat intelligence monitoring tools.

• At least 1 year of experience in writing threat intelligence reports.

• Proficient in OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web searches.

• Experience with scripting in Python, Azure, and Linux.

• Familiarity with one or more threat intelligence platforms for managing feeds.

• Experience integrating threat intelligence feeds into SIEMs, particularly Microsoft Sentinel.

• Proven experience executing domain and social media account takedowns.

• Strong understanding of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain.

• Excellent writing skills in English.

• Proficient in Excel and/or Power BI for data visualization.

• Strong experience with PowerPoint for presentations and reporting.

• Strong verbal English communication and presentation skills.

• Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are advantageous.

• Certifications specific to cyber threat intelligence are beneficial.

• Ability to work in the EST timezone (evening shift to overlap with onshore/client team).

🏝️ Benefits

• Options for remote work.