Cyber Security Analyst - Lahore, Pakistan - HR POD - Hiring Talent Globally

Requirements:

- Bachelor's degree (or equivalent) in Computer Science, Cybersecurity, Information Security, or a related field.
- Minimum 3 years of information security experience, with a very strong technical background.
- Demonstrated threat hunting and incident response experience.
- Experience with threat hunting methodologies and tools, including but not limited to SIEM platforms, EDR solutions, network traffic analysis tools, and threat intelligence feeds.
- Well versed in analyzing and interpreting security logs, network traffic, and endpoint data to identify and investigate potential security incidents.
- Proficient in crafting advanced SIEM queries for detection criteria, adept at fine-tuning use cases and collaborating with log source stakeholders to establish baselines, ensuring enhanced detections and improved detection fidelity.
- Proven ability to analyze and interpret log data from diverse sources, including network and endpoint logs, to identify patterns indicative of security incidents and potential vulnerabilities.
- Familiarity with a range of industry-leading detection tools, frameworks, and methodologies, ensuring the implementation of a robust and effective detection infrastructure aligned with organizational security objectives.
- Strong understanding of common cyber-attack techniques, such as phishing, malware propagation, lateral movement, and data exfiltration.
- Strong analytical, problem-solving, and critical-thinking skills, with the ability to work effectively in high-pressure situations.
- Experience with threat intelligence frameworks and methodologies, including STIX/TAXII, the MITRE ATT&CK framework, and other relevant standards.
- Security certifications such as GIAC Cyber Threat Intelligence (GCTI), GIAC Continuous Monitoring (GMON), GIAC Certified Intrusion Analyst (GCIA) or GIAC Certified Incident Handler (GCIH), or equivalent, are a plus.

Responsibilities:

- Conduct proactive threat hunting exercises to identify advanced and persistent threats within the organization's network and systems.
- Collaborate with cross-functional teams to develop and refine threat hunting methodologies, leveraging both internal and external (OSINT) threat intelligence sources.
- Analyze threat data from various sources, including logs, network traffic, and endpoints, to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with cyber threats.
- Investigate and respond to security incidents, analyzing the scope and impact of breaches and developing mitigation strategies.
- Craft and refine detection rules, leveraging SIEM platforms, query languages, and custom scripts to develop robust and effective detection mechanisms.
- Create and maintain detailed documentation of threat hunting processes, findings, and incident response procedures.
- Produce timely and accurate reports on threat hunting activities, findings, and recommended actions for stakeholders and management.
- Collaborate with the incident response team to develop and enhance incident response playbooks, ensuring alignment with threat intelligence insights.