Job Title: T&T | Cyber: D&R | Consultant | Threat Hunting | Delhi

T&T | Cyber: D&R | Consultant | Threat Hunting | Delhi
• Job requisition ID : 108132
• Location: Gurugram
• Entity: Deloitte Touche Tohmatsu India LLP
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks: Learn more about Cyber | Deloitte.
Your work profile
- Conduct proactive threat hunting across endpoints, networks, cloud environments, and log sources using SIEM and EDR platforms to identify potential security threats and indicators of compromise.
- Develop and execute threat hunting hypotheses based on threat intelligence and attack patterns.
- Analyse indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) aligned with MITRE ATT&CK framework.
- Correlate data across multiple sources (SIEM, EDR, firewall, network, and cloud logs) to identify suspicious behaviour.
- Recommend new use-cases detection logic and custom rules to enhance threat visibility in SIEM/EDR tools (e.g., QRadar, Splunk, Sentinel, Crowdstrike, TrendMicro Vision One, MS Defender).
- Work with SOC and IR teams to respond to and contain threats identified through hunting.
- Document hunting findings, attack patterns, and recommendations
- Stay current on cyber threat trends, APT campaigns, and new attack methodologies.
Key Skills Required:
- 2–4 years of experience in threat hunting, SOC analysis, incident response, or threat intelligence.
- Strong knowledge of network protocols, malware behaviour, and Windows/Linux internals.
- Hands-on experience with SIEM tools (QRadar, Splunk, or Sentinel) and EDR platforms (TrendMicro Vision One, CrowdStrike, Carbon Black, Defender).
- Familiarity with MITRE ATT&CK, Cyber Kill Chain, and IOC analysis.
- Strong analytical skills with ability to interpret large data sets and identify anomalies.
- Scripting experience (Python, PowerShell, or Bash) for automation or data enrichment preferred.
- Exposure to cloud security (AWS, Azure, GCP) is a plus
- Education: - Any Graduate or B.E / B. Tech (Tier 1/2) in Computer Science, Information Technology or related fields
