Job Title: Threat Hunter
Location: Chennai
Experience: 5–10 Years
Employment Type: Full-Time
Notice Period: Immediate Joiners or Up to 15 Days
About the Role
We are seeking an experienced Threat Hunter to proactively identify, investigate, and mitigate advanced cyber threats across enterprise environments. The ideal candidate will have extensive experience in threat hunting, incident response, malware analysis, and cyber threat intelligence, with the ability to detect sophisticated attacks before they impact business operations.
Key Responsibilities
-
Conduct proactive threat hunting across enterprise networks, endpoints, cloud platforms, and hybrid environments.
-
Identify Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and suspicious behaviors using advanced detection techniques.
-
Analyze security telemetry from SIEM, EDR/XDR, network, and cloud security platforms to uncover hidden threats.
-
Investigate advanced persistent threats (APTs), ransomware, insider threats, phishing campaigns, and zero-day attacks.
-
Develop and execute hypothesis-driven threat hunting methodologies based on threat intelligence and the MITRE ATT&CK framework.
-
Perform malware analysis, forensic investigations, and root cause analysis for security incidents.
-
Create custom detection rules, use cases, queries, and analytics for threat detection platforms.
-
Collaborate with SOC, Incident Response, Digital Forensics, and Security Engineering teams to improve detection capabilities.
-
Integrate threat intelligence feeds into security monitoring platforms and enhance detection logic.
-
Automate repetitive threat hunting tasks using scripting and security automation tools.
-
Prepare detailed investigation reports, executive summaries, and remediation recommendations.
-
Stay updated with emerging cyber threats, attacker tactics, techniques, and procedures (TTPs).
Technical Skills
Mandatory Skills
-
Threat Hunting
-
Cyber Threat Intelligence (CTI)
-
Incident Response
-
Digital Forensics
-
Malware Analysis
-
Endpoint Detection & Response (EDR)
-
Extended Detection & Response (XDR)
-
SIEM Platforms (Microsoft Sentinel, Splunk, IBM QRadar, ArcSight)
-
Microsoft Defender XDR
-
CrowdStrike Falcon
-
Microsoft Defender for Endpoint
-
MITRE ATT&CK Framework
-
IOC & IOA Analysis
-
Network Traffic Analysis
-
Windows, Linux & Active Directory Security
-
PowerShell
-
Python
-
Kusto Query Language (KQL)
-
Log Analysis
-
Network Protocols (TCP/IP, DNS, HTTP, SMTP)
Good to Have
-
Microsoft Sentinel
-
Microsoft Defender Suite
-
CrowdStrike Falcon
-
Palo Alto Cortex XDR
-
Microsoft Entra ID
-
AWS Security
-
Azure Security
-
Google Cloud Security
-
YARA Rules
-
Sigma Rules
-
Suricata
-
Zeek
-
Wireshark
-
Microsoft Security Copilot
-
SOAR Platforms
-
Threat Intelligence Platforms (MISP, Recorded Future, Anomali)
Required Qualifications
-
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
-
5–10 years of experience in Cybersecurity, Threat Hunting, SOC Operations, or Incident Response.
-
Strong experience with SIEM, EDR/XDR, threat intelligence, and endpoint security solutions.
-
Hands-on experience in investigating complex cyber attacks and advanced threat actors.
-
Strong knowledge of enterprise security architecture, operating systems, networking, and cloud security.
-
Experience creating custom threat hunting queries and detection rules.
-
Excellent analytical, investigative, and problem-solving skills.
-
Strong communication, documentation, and presentation skills.
Preferred Certifications
-
GIAC Certified Threat Intelligence (GCTI)
-
GIAC Certified Incident Handler (GCIH)
-
GIAC Certified Forensic Analyst (GCFA)
-
Certified Information Systems Security Professional (CISSP)
-
Certified Ethical Hacker (CEH)
-
CompTIA CySA+
-
CompTIA Security+
-
Microsoft Certified: Security Operations Analyst Associate (SC-200)
-
Microsoft Certified: Cybersecurity Architect Expert (SC-100)
-
Splunk Certified Cybersecurity Defense Analyst
-
CrowdStrike Falcon Administrator Certification (Preferred)
Soft Skills
-
Strong analytical and investigative mindset.
-
Excellent communication and report-writing skills.
-
Ability to work under pressure during high-severity security incidents.
-
Strong collaboration and stakeholder management skills.
-
Self-motivated with a passion for continuous learning and emerging cyber threats.
-
Ability to mentor junior analysts and contribute to improving SOC maturity.