L2 Threat Hunter:
Experience : 3 Years in information security domain
SIEM Tools : Splunk, Qradar, ArcSight, etc.
Skill Set :
Should have good knowledge of:
1. Network Security
2. Endpoint security
3. Threat intelligence
4. Vulnerability assessment
5. Common cyber attacks
Responsibilities :
- Hunt for security threats; identify threat actor groups and their techniques, tools and procedures.
- Provide expert analytic and investigative support to L1 and L2 analysts for complex security incidents.
- Perform analysis of security incidents to further enhance detection rules, reports and AI / ML models.
- Perform analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors, to uncover unknown internet threats and threat actors.
- Analyze events to differentiate between malicious and benign activity; analyze malicious code, packet capture files and artefacts.
- Examine alerts from various security monitoring tools, perform triage and determine the scope of threats.
- Analyze logs, alerts and suspicious malware samples from all GCSOC tools and other security tools deployed in the bank, such as Anti-Virus, EDR, IPS / IDS, Firewalls, Proxies, Active Directory and Vulnerability assessment tools.
- Using knowledge of the current threat landscape, threat actor techniques and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to the bank.
- Deliver weekly tactical briefings to the bank on threat observations and findings.
- Keep up to date with information security news, vulnerabilities, tools, techniques, exploits and trends.
- Proactively identify potential threat vectors and work with the engineering team to improve prevention and detection methods.
- Identify and propose automated alerts for new and previously unknown threats.
The above is an illustrative list of general activities. Technology-specific activities shall be arrived at in consultation with the Project Manager of the bidder and / or the L3 resource of the respective OEM. The required candidate must be able to understand and communicate clearly with the required stakeholders.
Education :
BE, B Tech, BSC-IT, MCA, BCA or other related field
Certifications :
OEM Certification : Splunk Core Certified User
Industry Certification : CEH / CHFI / GSEC / GMON / ITIL or any equivalent Security Certification
If you are interested, please share your updated CV on