Associate Manager
Allstate
India
15d ago

Job Description

An experienced Threat Operations Hunter performs intelligence-driven network defense supporting the monitoring and incident response capabilities.

The role involves analysis of large amounts of data from vendors and internal sources, including various indicator feeds, Splunk, and several threat intelligence tools.

Threat Hunters perform the functions of threat operations and hunting and serve as the liaison for Threat Intelligence in the Security Operations Center, and mentor the incident handling, incident response, and forensics teams.

Job Responsibilities

  • Enhance the Security Operations and Threat Intelligence workflow by redesigning process and approach to operationalize the sharing and utilization of actionable intelligence and indicators.
  • Assist in identifying (hunting) and profiling threat actors and TTPs.
  • Design custom tools to assist in analysis and investigation (related experience in programming, databases, system administration, etc.).
  • Implement integration / orchestration of existing security infrastructure and indicators.
  • Design and run custom analysis models on (centralized) security event information to discover active threats, including collaboration on the development of use cases when appropriate.
  • Perform as an Information Security SME in the following areas:
    • Threat Intelligence
    • Incident Response
    • Log analysis (statistical modeling, correlation, pattern recognition, etc.)
    • Microsoft platform (server, workstation, applications)
    • Open Systems platforms (Linux, UNIX, VMware ESX)
    • Web Application
    • Networking (firewalls, IDS / IPS, packet capture)
    • Databases (Oracle, SQL Server, DB2, IMS) and others
  • Provide mentorship and support to teammates with regard to Threat Intelligence, communication / rapport with other divisions and various levels of leadership, technical expertise, and career development.
  • Capable of identifying needs, driving solutions, and providing guidance in an autonomous manner.
Shift Timing

Any shift from 08:00 AM to 09:00 PM IST
