Job Title: T&T | Cyber: D&R | AM | SIEM | Mumbai
Key Responsibilities
- Proactively hunt for threats across endpoints, network, and logs using SIEM/EDR tools
- Develop and execute threat hunting hypotheses based on threat intelligence and attack patterns
- Analyze large datasets (logs, alerts, network traffic) to identify anomalies and indicators of compromise (IOCs)
- Work closely with SOC (L1/L2) and Incident Response teams to validate and escalate findings
- Create and fine-tune detection rules/use cases in SIEM (e.g., IBM QRadar)
- Leverage threat intelligence feeds (MITRE ATT&CK mapping, TTPs) to enhance hunting strategies
- Perform retrospective analysis to identify missed attacks
- Document hunting findings, attack patterns, and recommendations
- Automate repetitive hunting tasks using scripts (Python, PowerShell, etc.)
Required Skills & Experience
- 3+ years in SOC / Threat Hunting / Incident Response
- Hands-on experience with SIEM tools (e.g., QRadar, Splunk)
- Exposure to EDR/XDR platforms
Technical Skills
- Network protocols (TCP/IP, DNS, HTTP/S)
- Windows/Linux security logs
- Endpoint behavior and attack techniques
- Familiarity with:
  - MITRE ATT&CK framework
  - Threat intelligence platforms
  - Log analysis and correlation
- Basic scripting skills (Python, Bash, PowerShell)
Education: Any bachelor's degree.