Principal Threat Hunter | On-site, Bangalore
Bengaluru, Karnataka
Optiv
Optiv manages cyber risk so you can secure your full potential. Cybersecurity advisory services and solutions. Powered by the best minds in cyber.In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cybersecurity. We are passionate champions for our clients and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has an impact, on people, businesses, and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.
How you will make an impact:
- Proactively analyze, document and report on potential security incidents identified in Client environments.
- Collaborate with internal and client partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
- Is primary POC and coordinator for clients during security events that require urgent response, containment, and remediation.
- Lead, mentor and develop other threat hunters and analysts.
- Provide security gap analysis and effectiveness assessments of security platform technologies or lack thereof to include, but not limited to SIEM, SOAR, XDR, EDR, content development collaboration solutions, network security devices (e.g., firewall/IDS/IPS), web application security, asset management, vulnerability scanners, etc.
- Be informed of new security technologies and assess them for opportunities to improve client security programs or achieve client outcomes.
- Effectively apply OSINT and client data to demonstrate risk of adversary activity and develop recommendations to reduce risk to include mitigation techniques and data to inform detection content or client policies.
- Actively solicit and collaborate with senior & principal analysts for observations to inform threat hunt activities.
- Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach.
- Lead, mentor, and influence internal teams and client counterparts as the subject matter expert.
- Develop and maintain SOP and KBs that enable effective and efficient content development, analyst understanding and response, and client action items.
What we are looking for:
- Bachelor of Science or Master’s Degree in Cyber Security or Computer Science, Computer/software engineering, program, or other focus area applicable to this industry combined with 8+ years of experience in Incident Response, Blue Team, and/or Red Team technical operations.
- Or equivalent education and training that is documented with certifications, performance evaluations, course diplomas, or official memorandum.
- GCFA, GCIA, GREM, GCIH, CEH, OSCP, and other relevant information security certifications
- Leadership experience with developing people or operations AND with completing projects, tasks, and problem solving.
- Experience with 3 or more of the following areas: Incident response processes, Detection Engineering, Malware analysis, Network analysis, Threat intelligence reporting and analysis, Attack and Penetration Testing, Digital Forensics, or cyber threat emulation.
- Experience with Cyber threat methodologies, including the Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK Matrix, and Diamond Model, and applying them to enterprise Cyber operations.
- Strong understanding of cybersecurity topics and current threat adversary TTPs.
- Strong understanding of Windows and Linux internals.
- Combination of skillsets covering both offensive and defensive security practices.
- Proven scripting experience with Python/PowerShell/Bash/WMIC or other languages.
- Experience with threat hunting lifecycle and application of tools.
- Expert level knowledge of security tools to include but not limited to CrowdStrike, CarbonBlack, Tanium, Splunk, Anomali, Sentinel, Vectra, and other tools highly desired.
- Expert level knowledge of tool integrations to perform data correlation and automation.
- Possession of excellent oral and written communication skills, including making clear and concise presentations to various audiences with an executive presence.
With Optiv you can expect• A company committed to championing Diversity, Equality, and Inclusion through our Affinity groups including, Black Employee Network, Disabled Employee Network, Latino Employee Network, Optiv Pride (LGBTQIA+), Veterans Support Network, and Women's Network.• Work/life balance. • Professional training resources• Creative problem-solving and the ability to tackle unique, complex projects• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.• The ability and technology necessary to productively work remote/from home (where applicable)
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation Bash Blue team CEH Computer Science CrowdStrike Cyber Kill Chain EDR Exploits Firewalls Forensics GCFA GCIA GCIH GREM IDS Incident response IPS Linux Malware MITRE ATT&CK Network security OSCP OSINT Pentesting PowerShell Privacy Python Red team Risk management Scripting SIEM SOAR Splunk Threat intelligence TTPs Vulnerabilities Windows XDR
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs