Cyber Security Analyst

We are seeking a skilled and experienced Threat Hunter to work in the Security Operations team. The ideal candidate should be a proactive and resourceful individual with a passion for identifying and neutralizing advanced threats to strengthen the company's defenses. This role requires a deep understanding of threat hunting methodologies, a strong analytical mindset, and exceptional communication skills. The role is expected to potentially work overtime in the event of responding to Security Incident to accommodate and manage Group’s Threat Intelligence services/program.

Conduct proactive threat hunting activities across various environments (endpoints, networks, cloud).

Develop and maintain threat hunting hypotheses based on current threat intelligence and organizational risk assessments.

Apply structured threat hunting methodologies leveraging frameworks such as MITRE ATT&CK, PEAK, TAHITI, THMM and Diamond Model to guide hypothesis creation, evidence collection and iterative improvements.

Deep technical knowledge of adversary tactics, malware analysis, intrusion detection and cloud security.

Familiar with EDR/XDR solutions, SIEM platform, data pipeline and threat hunting tooling to detect and disrupt adversary tactics.

Develop custom scripts and tools to automate threat hunting processes and improve efficiency.

Leverage various threat hunting techniques, including but not limited to, YARA rules, IOC analysis, and behavioral based analysis.

Analyze security logs, network traffic, and endpoint data to identify malicious activity and potential threats.

Investigate security incidents and provide detailed reports on findings, including root cause analysis and remediation recommendations.

Collaborate with other security teams (incident response, vulnerability management, etc.) to share threat intelligence and coordinate security efforts.

Develop and manage Cyber Threat Intelligence while staying up to date on the latest threat landscape, attack techniques, and emerging technologies.

Map advisory behaviors to ATT&CK techniques and translate findings into actionable intelligence.

Share actionable intelligence with internal teams and external stakeholders.

Present findings and recommendations to technical and executive audiences.

Contributes to the development and improvement of threat hunting strategies, processes and playbooks aligning with PEAK and TAHITI cycles for structural threat hunting.

Develop and maintain a strong understanding of the organization's infrastructure and applications to strengthen awareness of evolving threats and adversary behavior.

Drive maturing of the overall security operations service.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• At least 3+ years of experience in cybersecurity, with a minimum of 1-2 years focused on threat hunting.
• Strong understanding of various operating systems (Windows, Linux, macOS).
• Experience with various security tools and technologies (SIEM, EDR, network monitoring tools).
• Proficiency in scripting (Python, PowerShell).
• Strong analytical and problem-solving skills.
• Excellent communication and presentation skills to translate technical findings into business impact.

• Experience with threat intelligence platforms, feeds and CTI frameworks.
• Relevant security certifications (e.g., SANS GIAC, GNFA, GCFA, Offensive Security, etc)
• Experience with cloud platforms (AWS, Azure, GCP) and container security is a plus.