Responsibilities:

• Operationalize Indicators of Compromise (IOCs) and Indicators of Attack (IOAs) from intelligence feeds by developing, testing, and deploying monitoring and alerting rules.
• Develop use cases and create threat detection logic, rules, and alerts in the SIEM tool.
• Collaborate with the threat intelligence team to perform proactive research and analysis of the latest threat actor tactics, techniques, and procedures (TTPs).
• Contribute to the improvement of the threat detection and response processes, procedures, tools, and automation based on lessons learned.
• Analyse threat information gathered from logs, intelligence reports, vendor sites, and a variety of other sources and recommends rules and other process changes to protect against the same.

Qualifications:

• 1-2 years of experience in cybersecurity operations, preferably threat hunting.
• A Bachelor's degree in Computer Science, Information Security, or a STEM (Science Technology, Engineering, and Mathematics) degree.
• Experience working with cyber security analytics tools (i.e. Splunk ES, Securonix).
• Experience with the MITRE ATT&CK Framework, Cyber Kill Chain, Pyramid of Pain as well as common attack vectors, including advanced adversaries (nation state/financial motivation).
• Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, curiosity, and solution orientation, and to learn and adapt quickly in a dynamic environment.