Level: Senior Consultant
As a Threat Hunter, you will support the Security Operations Center (SOC) by researching the threat actors, attack vectors, and adversary behaviors relevant to each client's industry and, in particular, to that client's network environment.
Work you'll do
As a Senior Consultant on the Detect & Respond team, you will be responsible for leading threat hunting activities across client environments and supporting advanced security investigations.
- Research threat campaigns, attack vectors, and adversary behaviors and identify corresponding activity in client environments.
- Analyze host, network, traffic, and protocol data to investigate threats, triage activity, and support client requests involving vulnerabilities, zero-day events, and security incidents.
- Maintain awareness of client technology architecture, known weaknesses, monitoring tools, threat intelligence, and recent security incidents to inform threat hunting activities.
- Support Security Information and Event Management content development and testing, provide remediation recommendations, and document investigations and procedures in ticketing systems.
- Mentor junior threat hunters, present findings to clients, and collaborate with service leadership to improve and grow the service.
The team
Deloitte’s Detect & Respond (D&R) practice combines sophisticated technologies with human intelligence to help clients monitor, detect, investigate, and respond to known and unknown attacks. We help our clients be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. The Detect & Respond team delivers service to clients through the following key areas:
- Threat detection and response
- Attack surface management
- Threat Intelligence
- Threat Hunting
- Data Protection
Location: Bengaluru/Hyderabad/Pune/Chennai
Shift Timings: 24x7 rotational shifts; flexibility for night, weekend, and holiday coverage is required; on-call support required based on project assignments.
Qualifications
Required:
- Bachelor’s degree in Intelligence Studies, Information Security, Information Technology, Computer Science, Mathematics, or a related field
- 6+ years of experience in information security or security technology engineering support
- Certified Information Systems Security Professional, GIAC Certified Intrusion Analyst, GIAC Continuous Monitoring, Certified Ethical Hacker, or equivalent certification
- Experience with security technologies including Security Information and Event Management, Intrusion Detection System/Intrusion Prevention System, Data Loss Prevention, proxy, Web Application Firewall, Endpoint Detection and Response, antivirus, sandboxing, firewalls, threat intelligence, or penetration testing
- Knowledge of Advanced Persistent Threat tactics, techniques, and procedures
- Knowledge of attack activities including network probing, scanning, distributed denial-of-service, and malicious code activity
- Knowledge of routers, switches, Transmission Control Protocol/Internet Protocol, Domain Name System, Hypertext Transfer Protocol Secure, and system security architecture
Preferred:
- Experience with Python, Java, or Ruby
- Experience with endpoint, threat intelligence, digital forensics, or malware analysis tools
- Experience with Security Information and Event Management content development and testing
- Experience presenting threat hunting findings and remediation recommendations to clients
- Experience documenting procedures, automation, or workflow improvements for security operations
- Experience mentoring junior team members or delivering training